{"id": "OPENVAS:136141256231063324", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Core 10 FEDORA-2009-1074 (sudo)", "description": "The remote host is missing an update to sudo\nannounced via advisory FEDORA-2009-1074.", "published": "2009-02-10T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063324", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": ["https://bugzilla.redhat.com/show_bug.cgi?id=481720"], "cvelist": ["CVE-2009-0034"], "lastseen": "2018-04-06T11:38:06", "viewCount": 1, "enchantments": {"score": {"value": 7.2, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-0034"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-0034", "DEBIANCVE:CVE-2011-0008"]}, {"type": "fedora", "idList": ["FEDORA:9EB8F20896F"]}, {"type": "freebsd", "idList": ["13D6D997-F455-11DD-8516-001B77D09812"]}, {"type": "gentoo", "idList": ["GLSA-200902-01"]}, {"type": "nessus", "idList": ["FEDORA_2009-1074.NASL", "FEDORA_2011-0455.NASL", "FEDORA_2011-0470.NASL", "FREEBSD_PKG_13D6D997F45511DD8516001B77D09812.NASL", "GENTOO_GLSA-200902-01.NASL", "MANDRIVA_MDVSA-2009-033.NASL", "NEWSTART_CGSL_NS-SA-2021-0101_SUDO.NASL", "NEWSTART_CGSL_NS-SA-2021-0120_SUDO.NASL", "ORACLELINUX_ELSA-2009-0267.NASL", "REDHAT-RHSA-2009-0267.NASL", "SL_20090205_SUDO_ON_SL5_X.NASL", "UBUNTU_USN-722-1.NASL", "VMWARE_VMSA-2009-0009.NASL", "VMWARE_VMSA-2009-0009_REMOTE.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310122521", "OPENVAS:136141256231063304", "OPENVAS:136141256231063318", "OPENVAS:136141256231063322", "OPENVAS:136141256231063335", "OPENVAS:136141256231063362", "OPENVAS:1361412562310831316", "OPENVAS:1361412562310862803", "OPENVAS:1361412562310862805", "OPENVAS:63304", "OPENVAS:63318", "OPENVAS:63322", "OPENVAS:63324", "OPENVAS:63335", "OPENVAS:63362", "OPENVAS:63414", "OPENVAS:64441", "OPENVAS:64442", "OPENVAS:64443", "OPENVAS:831316", "OPENVAS:862803", "OPENVAS:862805"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0267"]}, {"type": "redhat", "idList": ["RHSA-2009:0267"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21270", "SECURITYVULNS:VULN:11367", "SECURITYVULNS:VULN:9637"]}, {"type": "seebug", "idList": ["SSV:4797"]}, {"type": "ubuntu", "idList": ["USN-722-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-0034"]}, {"type": "vmware", "idList": ["VMSA-2009-0009"]}]}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2009-0034"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2009-0034"]}, {"type": "freebsd", "idList": ["13D6D997-F455-11DD-8516-001B77D09812"]}, {"type": "nessus", "idList": ["FEDORA_2009-1074.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310862803"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21270"]}, {"type": "seebug", "idList": ["SSV:4797"]}, {"type": "ubuntu", "idList": ["USN-722-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2009-0034"]}, {"type": "vmware", "idList": ["VMSA-2009-0009"]}]}, "exploitation": null, "vulnersScore": 7.2}, "pluginID": "136141256231063324", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_1074.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-1074 (sudo)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Sudo (superuser do) allows a system administrator to give certain\nusers (or groups of users) the ability to run some (or all) commands\nas root while logging all commands and arguments. Sudo operates on a\nper-command basis. It is not a replacement for the shell. Features\ninclude: the ability to restrict what commands a user may run on a\nper-host basis, copious logging of each command (providing a clear\naudit trail of who did what), a configurable timeout of the sudo\ncommand, and the ability to use the same configuration file (sudoers)\non many different machines.\n\nUpdate Information:\n\nFix for incorrect handling of groups in Runas_User\n\nChangeLog:\n\n* Thu Jan 29 2009 Daniel Kopecek 1.6.9p17-5\n- Fix for incorrect handling of groups in Runas_User\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update sudo' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1074\";\ntag_summary = \"The remote host is missing an update to sudo\nannounced via advisory FEDORA-2009-1074.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63324\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-1074 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=481720\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo-debuginfo\", rpm:\"sudo-debuginfo~1.6.9p17~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Fedora Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}
{"securityvulns": [{"lastseen": "2018-08-31T11:09:31", "description": "It's possible to elevate privileges to root even if configured to run under different account.", "edition": 1, "cvss3": {}, "published": "2009-02-01T00:00:00", "title": "sudo privilege escalation", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-01T00:00:00", "id": "SECURITYVULNS:VULN:9637", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9637", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:29", "description": "rPath Security Advisory: 2009-0021-1\r\nPublished: 2009-01-29\r\nProducts:\r\n rPath Linux 2\r\n\r\nRating: Major\r\nExposure Level Classification:\r\n Local Root Deterministic Privilege Escalation\r\nUpdated Versions:\r\n sudo=conary.rpath.com@rpl:2/1.6.9p12-3.1-1\r\n\r\nrPath Issue Tracking System:\r\n https://issues.rpath.com/browse/RPL-2954\r\n\r\nReferences:\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0034\r\n\r\nDescription:\r\n In previous versions of sudo, in a non-default configuration which\r\n allows users in certain groups to run commands as other non-root\r\n users, it is possible for non-root users to inappropriately gain\r\n root privileges. This has been fixed.\r\n\r\nhttp://wiki.rpath.com/Advisories:rPSA-2009-0021\r\n\r\nCopyright 2009 rPath, Inc.\r\nThis file is distributed under the terms of the MIT License.\r\nA copy is available at http://www.rpath.com/permanent/mit-license.html", "edition": 1, "cvss3": {}, "published": "2009-02-01T00:00:00", "title": "rPSA-2009-0021-1 sudo", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-01T00:00:00", "id": "SECURITYVULNS:DOC:21270", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21270", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:09:40", "description": "Under some conditions it's possible to execute code with group rights.", "edition": 1, "cvss3": {}, "published": "2011-01-20T00:00:00", "title": "sudo privilege escalation", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2011-01-20T00:00:00", "id": "SECURITYVULNS:VULN:11367", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:11367", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-08-19T13:09:02", "description": "Todd Miller reports :\n\nA bug was introduced in Sudo's group matching code in version 1.6.9 when support for matching based on the supplemental group vector was added. This bug may allow certain users listed in the sudoers file to run a command as a different user than their access rule specifies.", "cvss3": {"score": null, "vector": null}, "published": "2009-02-09T00:00:00", "type": "nessus", "title": "FreeBSD : sudo -- certain authorized users could run commands as any user (13d6d997-f455-11dd-8516-001b77d09812)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:sudo", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_13D6D997F45511DD8516001B77D09812.NASL", "href": "https://www.tenable.com/plugins/nessus/35613", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35613);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0034\");\n script_bugtraq_id(33517);\n\n script_name(english:\"FreeBSD : sudo -- certain authorized users could run commands as any user (13d6d997-f455-11dd-8516-001b77d09812)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Todd Miller reports :\n\nA bug was introduced in Sudo's group matching code in version 1.6.9\nwhen support for matching based on the supplemental group vector was\nadded. This bug may allow certain users listed in the sudoers file to\nrun a command as a different user than their access rule specifies.\"\n );\n # http://www.gratisoft.us/pipermail/sudo-announce/2009-February/000085.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bf9ec653\"\n );\n # https://vuxml.freebsd.org/freebsd/13d6d997-f455-11dd-8516-001b77d09812.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?236ac9c1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"sudo>=1.6.9<1.6.9.20\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:57:46", "description": "A flaw was discovered in a way sudo handled group specifications in 'run as' lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a member of that group, sudo incorrectly allowed them to run defined commands with the privileges of any system user.\nThis gave the user unintended privileges. (CVE-2009-0034)", "cvss3": {"score": null, "vector": null}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : sudo on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20090205_SUDO_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/60529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(60529);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0034\");\n\n script_name(english:\"Scientific Linux Security Update : sudo on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Scientific Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was discovered in a way sudo handled group specifications in\n'run as' lists in the sudoers configuration file. If sudo\nconfiguration allowed a user to run commands as any user of some group\nand the user was also a member of that group, sudo incorrectly allowed\nthem to run defined commands with the privileges of any system user.\nThis gave the user unintended privileges. (CVE-2009-0034)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0902&L=scientific-linux-errata&T=0&P=811\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b63a10fb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"sudo-1.6.9p17-3.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:04", "description": "A vulnerability has been identified in sudo which allowed - depending on the sudoers rules - a sudo-user to execute arbitrary shell commands as root (CVE-2009-0034).\n\nThe updated packages have been patched to prevent this.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : sudo (MDVSA-2009:033)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:sudo", "cpe:/o:mandriva:linux:2008.0", "cpe:/o:mandriva:linux:2008.1", "cpe:/o:mandriva:linux:2009.0"], "id": "MANDRIVA_MDVSA-2009-033.NASL", "href": "https://www.tenable.com/plugins/nessus/38137", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2009:033. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38137);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0034\");\n script_bugtraq_id(33517);\n script_xref(name:\"MDVSA\", value:\"2009:033\");\n\n script_name(english:\"Mandriva Linux Security Advisory : sudo (MDVSA-2009:033)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been identified in sudo which allowed - depending\non the sudoers rules - a sudo-user to execute arbitrary shell commands\nas root (CVE-2009-0034).\n\nThe updated packages have been patched to prevent this.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2008.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2008.0\", reference:\"sudo-1.6.9p5-1.1mdv2008.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2008.1\", reference:\"sudo-1.6.9p13-1.1mdv2008.1\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2009.0\", reference:\"sudo-1.6.9p17-1.1mdv2009.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:00", "description": "The remote host is affected by the vulnerability described in GLSA-200902-01 (sudo: Privilege escalation)\n\n Harald Koenig discovered that sudo incorrectly handles group specifications in Runas_Alias (and related) entries when a group is specified in the list (using %group syntax, to allow a user to run commands as any member of that group) and the user is already a member of that group.\n Impact :\n\n A local attacker could possibly run commands as an arbitrary system user (including root).\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2009-02-09T00:00:00", "type": "nessus", "title": "GLSA-200902-01 : sudo: Privilege escalation", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:sudo", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200902-01.NASL", "href": "https://www.tenable.com/plugins/nessus/35614", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200902-01.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35614);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0034\");\n script_xref(name:\"GLSA\", value:\"200902-01\");\n\n script_name(english:\"GLSA-200902-01 : sudo: Privilege escalation\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200902-01\n(sudo: Privilege escalation)\n\n Harald Koenig discovered that sudo incorrectly handles group\n specifications in Runas_Alias (and related) entries when a group is\n specified in the list (using %group syntax, to allow a user to run\n commands as any member of that group) and the user is already a member\n of that group.\n \nImpact :\n\n A local attacker could possibly run commands as an arbitrary system\n user (including root).\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200902-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All sudo users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.0'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-admin/sudo\", unaffected:make_list(\"ge 1.7.0\"), vulnerable:make_list(\"lt 1.7.0\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:45", "description": "Fix for incorrect handling of groups in Runas_User\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Fedora 10 : sudo-1.6.9p17-5.fc10 (2009-1074)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:sudo", "cpe:/o:fedoraproject:fedora:10"], "id": "FEDORA_2009-1074.NASL", "href": "https://www.tenable.com/plugins/nessus/36971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-1074.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36971);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0034\");\n script_xref(name:\"FEDORA\", value:\"2009-1074\");\n\n script_name(english:\"Fedora 10 : sudo-1.6.9p17-5.fc10 (2009-1074)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix for incorrect handling of groups in Runas_User\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=481720\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-February/019665.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e8bf4902\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"sudo-1.6.9p17-5.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T12:54:28", "description": "From Red Hat Security Advisory 2009:0267 :\n\nAn updated sudo package to fix a security issue is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in 'run as' lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a member of that group, sudo incorrectly allowed them to run defined commands with the privileges of any system user.\nThis gave the user unintended privileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a backported patch to resolve this issue.", "cvss3": {"score": null, "vector": null}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : sudo (ELSA-2009-0267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:sudo", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2009-0267.NASL", "href": "https://www.tenable.com/plugins/nessus/67801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0267 and \n# Oracle Linux Security Advisory ELSA-2009-0267 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67801);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\");\n script_bugtraq_id(33517);\n script_xref(name:\"RHSA\", value:\"2009:0267\");\n\n script_name(english:\"Oracle Linux 5 : sudo (ELSA-2009-0267)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0267 :\n\nAn updated sudo package to fix a security issue is now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in\n'run as' lists in the sudoers configuration file. If sudo\nconfiguration allowed a user to run commands as any user of some group\nand the user was also a member of that group, sudo incorrectly allowed\nthem to run defined commands with the privileges of any system user.\nThis gave the user unintended privileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-February/000880.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"sudo-1.6.9p17-3.el5_3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:08:45", "description": "Harald Koenig discovered that sudo did not correctly handle certain privilege changes when handling groups. If a local attacker belonged to a group included in a 'RunAs' list in the /etc/sudoers file, that user could gain root privileges. This was not an issue for the default sudoers file shipped with Ubuntu.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2009-04-23T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 8.10 : sudo vulnerability (USN-722-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:sudo", "p-cpe:/a:canonical:ubuntu_linux:sudo-ldap", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:8.10"], "id": "UBUNTU_USN-722-1.NASL", "href": "https://www.tenable.com/plugins/nessus/38070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-722-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(38070);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\");\n script_bugtraq_id(33517);\n script_xref(name:\"USN\", value:\"722-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 8.10 : sudo vulnerability (USN-722-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Harald Koenig discovered that sudo did not correctly handle certain\nprivilege changes when handling groups. If a local attacker belonged\nto a group included in a 'RunAs' list in the /etc/sudoers file, that\nuser could gain root privileges. This was not an issue for the default\nsudoers file shipped with Ubuntu.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/722-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected sudo and / or sudo-ldap packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:sudo-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(8\\.04|8\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 8.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"sudo\", pkgver:\"1.6.9p10-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"8.04\", pkgname:\"sudo-ldap\", pkgver:\"1.6.9p10-1ubuntu3.4\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"sudo\", pkgver:\"1.6.9p17-1ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"8.10\", pkgname:\"sudo-ldap\", pkgver:\"1.6.9p17-1ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo / sudo-ldap\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:09:00", "description": "An updated sudo package to fix a security issue is now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nThe sudo (superuser do) utility allows system administrators to give certain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in 'run as' lists in the sudoers configuration file. If sudo configuration allowed a user to run commands as any user of some group and the user was also a member of that group, sudo incorrectly allowed them to run defined commands with the privileges of any system user.\nThis gave the user unintended privileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a backported patch to resolve this issue.", "cvss3": {"score": null, "vector": null}, "published": "2009-02-06T00:00:00", "type": "nessus", "title": "RHEL 5 : sudo (RHSA-2009:0267)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:sudo", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3"], "id": "REDHAT-RHSA-2009-0267.NASL", "href": "https://www.tenable.com/plugins/nessus/35605", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0267. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35605);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\");\n script_bugtraq_id(33517);\n script_xref(name:\"RHSA\", value:\"2009:0267\");\n\n script_name(english:\"RHEL 5 : sudo (RHSA-2009:0267)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated sudo package to fix a security issue is now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in\n'run as' lists in the sudoers configuration file. If sudo\nconfiguration allowed a user to run commands as any user of some group\nand the user was also a member of that group, sudo incorrectly allowed\nthem to run defined commands with the privileges of any system user.\nThis gave the user unintended privileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0034\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0267\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/02/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0267\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"sudo-1.6.9p17-3.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"sudo-1.6.9p17-3.el5_3.1\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"sudo-1.6.9p17-3.el5_3.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo\");\n }\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-07T16:19:06", "description": "a. Service Console package udev\n\n A vulnerability in the udev program did not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-1185 to this issue.\n\n Please see http://kb.vmware.com/kb/1011786 for details.\n\nb. Service Console package sudo\n\n Service Console package for sudo has been updated to version sudo-1.6.9p17-3. This fixes the following issue: Sudo versions 1.6.9p17 through 1.6.9p19 do not properly interpret a system group in the sudoers file during authorization decisions for a user who belongs to that group, which might allow local users to leverage an applicable sudoers file and gain root privileges by using a sudo command.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0034 to this issue.\n\n Please see http://kb.vmware.com/kb/1011781 for more details\n\nc. Service Console package curl\n\n Service Console package for curl has been updated to version curl-7.15.5-2.1. This fixes the following issue: The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to trigger arbitrary requests to intranet servers, read or overwrite arbitrary files by using a redirect to a file: URL, or execute arbitrary commands by using a redirect to an scp: URL.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org) has assigned the name CVE-2009-0037 to this issue.\n\n Please see http://kb.vmware.com/kb/1011782 for details", "cvss3": {"score": null, "vector": null}, "published": "2011-02-17T00:00:00", "type": "nessus", "title": "VMSA-2009-0009 : ESX Service Console updates for udev, sudo, and curl", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2009-0037", "CVE-2009-1185"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx:4.0"], "id": "VMWARE_VMSA-2009-0009.NASL", "href": "https://www.tenable.com/plugins/nessus/52011", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from VMware Security Advisory 2009-0009. \n# The text itself is copyright (C) VMware Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(52011);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-0034\", \"CVE-2009-0037\", \"CVE-2009-1185\");\n script_bugtraq_id(33517, 33962, 34536);\n script_xref(name:\"VMSA\", value:\"2009-0009\");\n\n script_name(english:\"VMSA-2009-0009 : ESX Service Console updates for udev, sudo, and curl\");\n script_summary(english:\"Checks esxupdate output for the patches\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote VMware ESX host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"a. Service Console package udev\n\n A vulnerability in the udev program did not verify whether a NETLINK\n message originates from kernel space, which allows local users to\n gain privileges by sending a NETLINK message from user space.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-1185 to this issue.\n\n Please see http://kb.vmware.com/kb/1011786 for details.\n\nb. Service Console package sudo\n\n Service Console package for sudo has been updated to version\n sudo-1.6.9p17-3. This fixes the following issue: Sudo versions\n 1.6.9p17 through 1.6.9p19 do not properly interpret a system group\n in the sudoers file during authorization decisions for a user who\n belongs to that group, which might allow local users to leverage an\n applicable sudoers file and gain root privileges by using a sudo\n command.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-0034 to this issue.\n\n Please see http://kb.vmware.com/kb/1011781 for more details\n\nc. Service Console package curl\n\n Service Console package for curl has been updated to version\n curl-7.15.5-2.1. This fixes the following issue: The redirect\n implementation in curl and libcurl 5.11 through 7.19.3, when\n CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location\n values, which might allow remote HTTP servers to trigger arbitrary\n requests to intranet servers, read or overwrite arbitrary files by\n using a redirect to a file: URL, or execute arbitrary commands by\n using a redirect to an scp: URL.\n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-0037 to this issue.\n\n Please see http://kb.vmware.com/kb/1011782 for details\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://lists.vmware.com/pipermail/security-announce/2009/000060.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply the missing patches.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux udev Netlink Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 264, 352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx:4.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/02/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"VMware ESX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/VMware/release\", \"Host/VMware/version\");\n script_require_ports(\"Host/VMware/esxupdate\", \"Host/VMware/esxcli_software_vibs\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"vmware_esx_packages.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/VMware/release\")) audit(AUDIT_OS_NOT, \"VMware ESX / ESXi\");\nif (\n !get_kb_item(\"Host/VMware/esxcli_software_vibs\") &&\n !get_kb_item(\"Host/VMware/esxupdate\")\n) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ninit_esx_check(date:\"2009-07-10\");\nflag = 0;\n\n\nif (\n esx_check(\n ver : \"ESX 4.0.0\",\n patch : \"ESX400-200906406-SG\",\n patch_updates : make_list(\"ESX400-201005409-SG\", \"ESX400-201009410-SG\", \"ESX400-201101404-SG\", \"ESX400-201305402-SG\", \"ESX400-Update01a\", \"ESX400-Update02\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.0.0\",\n patch : \"ESX400-200906407-SG\",\n patch_updates : make_list(\"ESX400-200911232-SG\", \"ESX400-201009409-SG\", \"ESX400-201203403-SG\", \"ESX400-Update01a\", \"ESX400-Update02\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\nif (\n esx_check(\n ver : \"ESX 4.0.0\",\n patch : \"ESX400-200906411-SG\",\n patch_updates : make_list(\"ESX400-Update01a\", \"ESX400-Update02\", \"ESX400-Update03\", \"ESX400-Update04\")\n )\n) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:esx_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:02:02", "description": "- rebase to 1.7.4p5\n\n - fixed sudo-1.7.4p4-getgrouplist.patch\n\n - fixes CVE-2011-0008, CVE-2011-0010\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-24T00:00:00", "type": "nessus", "title": "Fedora 13 : sudo-1.7.4p5-1.fc13 (2011-0455)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:sudo", "cpe:/o:fedoraproject:fedora:13"], "id": "FEDORA_2011-0455.NASL", "href": "https://www.tenable.com/plugins/nessus/51656", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0455.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51656);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\", \"CVE-2011-0010\");\n script_bugtraq_id(33517, 45774);\n script_xref(name:\"FEDORA\", value:\"2011-0455\");\n\n script_name(english:\"Fedora 13 : sudo-1.7.4p5-1.fc13 (2011-0455)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - rebase to 1.7.4p5\n\n - fixed sudo-1.7.4p4-getgrouplist.patch\n\n - fixes CVE-2011-0008, CVE-2011-0010\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=668843\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=668879\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e1e5ecb\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"sudo-1.7.4p5-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-27T14:33:33", "description": "Multiple vulnerabilities has been found and corrected in sudo :\n\nA a patch for parse.c in sudo does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression (CVE-2011-0008).\n\ncheck.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command (CVE-2011-0010).\n\nPackages for 2009.0 are provided as of the Extended Maintenance Program. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been upgraded to the latest versions (1.7.4p6) which is not affected by these issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-28T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : sudo (MDVSA-2011:018)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:sudo", "cpe:/o:mandriva:linux:2009.0", "cpe:/o:mandriva:linux:2010.0", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2011-018.NASL", "href": "https://www.tenable.com/plugins/nessus/51809", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:018. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51809);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0008\", \"CVE-2011-0010\");\n script_bugtraq_id(33517, 45774);\n script_xref(name:\"MDVSA\", value:\"2011:018\");\n\n script_name(english:\"Mandriva Linux Security Advisory : sudo (MDVSA-2011:018)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been found and corrected in sudo :\n\nA a patch for parse.c in sudo does not properly interpret a system\ngroup (aka %group) in the sudoers file during authorization decisions\nfor a user who belongs to that group, which allows local users to\nleverage an applicable sudoers file and gain root privileges via a\nsudo command. NOTE: this vulnerability exists because of a\nCVE-2009-0034 regression (CVE-2011-0008).\n\ncheck.c in sudo 1.7.x before 1.7.4p5, when a Runas group is\nconfigured, does not require a password for command execution that\ninvolves a gid change but no uid change, which allows local users to\nbypass an intended authentication requirement via the -g option to a\nsudo command (CVE-2011-0010).\n\nPackages for 2009.0 are provided as of the Extended Maintenance\nProgram. Please visit this link to learn more:\nhttp://store.mandriva.com/product_info.php?cPath=149 products_id=490\n\nThe updated packages have been upgraded to the latest versions\n(1.7.4p6) which is not affected by these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2009.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2009.0\", reference:\"sudo-1.7.4p6-0.1mdv2009.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.0\", reference:\"sudo-1.7.4p6-0.1mdv2010.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2010.1\", reference:\"sudo-1.7.4p6-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-08-19T13:01:54", "description": "- rebase to 1.7.4p5\n\n - fixed sudo-1.7.4p4-getgrouplist.patch\n\n - fixes CVE-2011-0008, CVE-2011-0010\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2011-01-19T00:00:00", "type": "nessus", "title": "Fedora 14 : sudo-1.7.4p5-1.fc14 (2011-0470)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:sudo", "cpe:/o:fedoraproject:fedora:14"], "id": "FEDORA_2011-0470.NASL", "href": "https://www.tenable.com/plugins/nessus/51566", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-0470.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(51566);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\", \"CVE-2011-0010\");\n script_bugtraq_id(33517, 45774);\n script_xref(name:\"FEDORA\", value:\"2011-0470\");\n\n script_name(english:\"Fedora 14 : sudo-1.7.4p5-1.fc14 (2011-0470)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - rebase to 1.7.4p5\n\n - fixed sudo-1.7.4p4-getgrouplist.patch\n\n - fixes CVE-2011-0008, CVE-2011-0010\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=668843\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=668879\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b337c23f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected sudo package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(264);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/01/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/01/19\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"sudo-1.7.4p5-1.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"sudo\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-07T14:32:17", "description": "The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities :\n\n - A flaw exists in sudo in file parse.c due to a failure to properly interpret a system group (%group) in the sudoers configuration file when handling authorization decisions for users belonging to that group. A local attacker can exploit this to gain root privileges via a crafted sudo command. (CVE-2009-0034)\n\n - A flaw exists in the redirect implementation in libcurl that allows arbitrary Location values to be accepted when CURLOPT_FOLLOWLOCATION is enabled. An attacker with control of a remote HTTP server can exploit this, via crafted redirect URLs, to trigger requests to intranet servers, to read or write arbitrary files, or to execute arbitrary commands. (CVE-2009-0037)\n\n - A flaw exists in udev due to a failure to verify that a NETLINK message originates from the kernel space. A local attacker can exploit this, via a crafted NETLINK message, to gain elevated privileges on the root file system. (CVE-2009-1185)", "cvss3": {"score": null, "vector": null}, "published": "2016-03-03T00:00:00", "type": "nessus", "title": "VMware ESX Multiple Vulnerabilities (VMSA-2009-0009) (remote check)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2009-0037", "CVE-2009-1185"], "modified": "2021-01-06T00:00:00", "cpe": ["cpe:/o:vmware:esx"], "id": "VMWARE_VMSA-2009-0009_REMOTE.NASL", "href": "https://www.tenable.com/plugins/nessus/89115", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(89115);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2009-0034\",\n \"CVE-2009-0037\",\n \"CVE-2009-1185\"\n );\n script_bugtraq_id(\n 33517,\n 33962,\n 34536\n );\n script_xref(name:\"VMSA\", value:\"2009-0009\");\n script_xref(name:\"EDB-ID\", value:\"8572\");\n script_xref(name:\"EDB-ID\", value:\"21848\");\n\n script_name(english:\"VMware ESX Multiple Vulnerabilities (VMSA-2009-0009) (remote check)\");\n script_summary(english:\"Checks the ESX version and build number.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a security-related patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote VMware ESX host is missing a security-related patch. It is,\ntherefore, affected by multiple vulnerabilities :\n\n - A flaw exists in sudo in file parse.c due to a failure\n to properly interpret a system group (%group) in the\n sudoers configuration file when handling authorization\n decisions for users belonging to that group. A local\n attacker can exploit this to gain root privileges via a\n crafted sudo command. (CVE-2009-0034)\n\n - A flaw exists in the redirect implementation in libcurl\n that allows arbitrary Location values to be accepted\n when CURLOPT_FOLLOWLOCATION is enabled. An attacker\n with control of a remote HTTP server can exploit this,\n via crafted redirect URLs, to trigger requests to\n intranet servers, to read or write arbitrary files, or\n to execute arbitrary commands. (CVE-2009-0037)\n\n - A flaw exists in udev due to a failure to verify that a\n NETLINK message originates from the kernel space. A\n local attacker can exploit this, via a crafted NETLINK\n message, to gain elevated privileges on the root file\n system. (CVE-2009-1185)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.vmware.com/security/advisories/VMSA-2009-0009\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the vendor advisory that\npertains to ESX version 4.0.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Linux udev Netlink Local Privilege Escalation');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:'CANVAS');\n script_cwe_id(20, 264, 352);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/03/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:esx\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2021 Tenable Network Security, Inc.\");\n\n script_dependencies(\"vmware_vsphere_detect.nbin\");\n script_require_keys(\"Host/VMware/version\", \"Host/VMware/release\");\n script_require_ports(\"Host/VMware/vsphere\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/VMware/version\");\nrelease = get_kb_item_or_exit(\"Host/VMware/release\");\nport = get_kb_item_or_exit(\"Host/VMware/vsphere\");\n\nfixes = make_array();\nfixes[\"ESX 4.0\"] = 175625;\n\nmatches = eregmatch(pattern:'^VMware (ESXi?).*build-([0-9]+)$', string:release);\nif (empty_or_null(matches))\n exit(1, 'Failed to extract the ESX / ESXi build number.');\n\ntype = matches[1];\nbuild = int(matches[2]);\n\nfixed_build = fixes[version];\n\nif (!isnull(fixed_build) && build < fixed_build)\n{\n padding = crap(data:\" \", length:8 - strlen(type)); # Spacing alignment\n \n report = '\\n ' + type + ' version' + padding + ': ' + version +\n '\\n Installed build : ' + build +\n '\\n Fixed build : ' + fixed_build +\n '\\n';\n\n security_report_v4(extra:report, port:port, severity:SECURITY_HOLE);\n}\nelse\n audit(AUDIT_INST_VER_NOT_VULN, \"VMware \" + version + \" build \" + build);\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T19:17:17", "description": "The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by multiple vulnerabilities:\n\n - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. (CVE-2011-0008)\n\n - check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command. (CVE-2011-0010)\n\n - Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo. (CVE-2012-0809)\n\n - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address. (CVE-2012-2337)\n\n - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. (CVE-2013-1775)\n\n - sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. (CVE-2013-1776)\n\n - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character. (CVE-2021-3156)\n\n - A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command without authentication. Successful exploitation of this flaw could lead to privilege escalation. (CVE-2021-3156)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2022-05-09T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Multiple Vulnerabilities (NS-SA-2022-0028)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010", "CVE-2012-0809", "CVE-2012-2337", "CVE-2013-1775", "CVE-2013-1776", "CVE-2021-3156"], "modified": "2022-05-10T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:sudo", "p-cpe:/a:zte:cgsl_core:sudo-debuginfo", "p-cpe:/a:zte:cgsl_core:sudo-devel", "p-cpe:/a:zte:cgsl_main:sudo", "p-cpe:/a:zte:cgsl_main:sudo-debuginfo", "p-cpe:/a:zte:cgsl_main:sudo-devel", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2022-0028_SUDO.NASL", "href": "https://www.tenable.com/plugins/nessus/160804", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2022-0028. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(160804);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/10\");\n\n script_cve_id(\n \"CVE-2011-0008\",\n \"CVE-2011-0010\",\n \"CVE-2012-0809\",\n \"CVE-2012-2337\",\n \"CVE-2013-1775\",\n \"CVE-2013-1776\",\n \"CVE-2021-3156\"\n );\n script_xref(name:\"IAVB\", value:\"2013-B-0064\");\n script_xref(name:\"IAVA\", value:\"2013-A-0179-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0053\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/27\");\n\n script_name(english:\"NewStart CGSL CORE 5.05 / MAIN 5.05 : sudo Multiple Vulnerabilities (NS-SA-2022-0028)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.05 / MAIN 5.05, has sudo packages installed that are affected by\nmultiple vulnerabilities:\n\n - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret\n a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to\n that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a\n sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. (CVE-2011-0008)\n\n - check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for\n command execution that involves a gid change but no uid change, which allows local users to bypass an\n intended authentication requirement via the -g option to a sudo command. (CVE-2011-0010)\n\n - Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to\n execute arbitrary code via format string sequences in the program name for sudo. (CVE-2012-0809)\n\n - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations\n that use a netmask syntax, which allows local users to bypass intended command restrictions in\n opportunistic circumstances by executing a command on a host that has an IPv4 address. (CVE-2012-2337)\n\n - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate\n attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting\n the system clock and sudo user timestamp to the epoch. (CVE-2013-1775)\n\n - sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not\n properly validate the controlling terminal device, which allows local users with sudo permissions to\n hijack the authorization of another terminal via vectors related to connecting to the standard input,\n output, and error file descriptors of another terminal. NOTE: this is one of three closely-related\n vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different\n affected versions. (CVE-2013-1776)\n\n - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which\n allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single\n backslash character. (CVE-2021-3156)\n\n - A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is\n exploitable by any local user who can execute the sudo command without authentication. Successful\n exploitation of this flaw could lead to privilege escalation. (CVE-2021-3156)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2022-0028\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2011-0008\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2011-0010\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2012-0809\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2012-2337\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2013-1775\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2013-1776\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-3156\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL sudo packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3156\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sudo Heap-Based Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/05/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/05/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:sudo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:sudo-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.05\" &&\n release !~ \"CGSL MAIN 5.05\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.05 / NewStart CGSL MAIN 5.05');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.05': [\n 'sudo-1.8.23-10.el7_9.1.cgslv5_5.0.1.gd5dd0af',\n 'sudo-debuginfo-1.8.23-10.el7_9.1.cgslv5_5.0.1.gd5dd0af',\n 'sudo-devel-1.8.23-10.el7_9.1.cgslv5_5.0.1.gd5dd0af'\n ],\n 'CGSL MAIN 5.05': [\n 'sudo-1.8.23-10.el7_9.1.cgslv5_5.0.1.gd5dd0af',\n 'sudo-debuginfo-1.8.23-10.el7_9.1.cgslv5_5.0.1.gd5dd0af',\n 'sudo-devel-1.8.23-10.el7_9.1.cgslv5_5.0.1.gd5dd0af'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'sudo');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-05-10T03:24:11", "description": "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by multiple vulnerabilities:\n\n - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. (CVE-2011-0008)\n\n - check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command. (CVE-2011-0010)\n\n - Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo. (CVE-2012-0809)\n\n - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address. (CVE-2012-2337)\n\n - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. (CVE-2013-1775)\n\n - sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. (CVE-2013-1776)\n\n - Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines) in the get_process_ttyname() function resulting in information disclosure and command execution.\n (CVE-2017-1000368)\n\n - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character. (CVE-2021-3156)\n\n - A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command without authentication. Successful exploitation of this flaw could lead to privilege escalation. (CVE-2021-3156)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.2, "vector": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"}, "published": "2021-10-28T00:00:00", "type": "nessus", "title": "NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Multiple Vulnerabilities (NS-SA-2021-0101)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010", "CVE-2012-0809", "CVE-2012-2337", "CVE-2013-1775", "CVE-2013-1776", "CVE-2017-1000368", "CVE-2021-3156"], "modified": "2022-05-09T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_core:sudo", "p-cpe:/a:zte:cgsl_core:sudo-debuginfo", "p-cpe:/a:zte:cgsl_core:sudo-devel", "p-cpe:/a:zte:cgsl_main:sudo", "p-cpe:/a:zte:cgsl_main:sudo-debuginfo", "p-cpe:/a:zte:cgsl_main:sudo-devel", "cpe:/o:zte:cgsl_core:5", "cpe:/o:zte:cgsl_main:5"], "id": "NEWSTART_CGSL_NS-SA-2021-0101_SUDO.NASL", "href": "https://www.tenable.com/plugins/nessus/154615", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0101. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154615);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/09\");\n\n script_cve_id(\n \"CVE-2011-0008\",\n \"CVE-2011-0010\",\n \"CVE-2012-0809\",\n \"CVE-2012-2337\",\n \"CVE-2013-1775\",\n \"CVE-2013-1776\",\n \"CVE-2017-1000368\",\n \"CVE-2021-3156\"\n );\n script_xref(name:\"IAVA\", value:\"2013-A-0179-S\");\n script_xref(name:\"IAVA\", value:\"2017-A-0165-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0053\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/27\");\n\n script_name(english:\"NewStart CGSL CORE 5.04 / MAIN 5.04 : sudo Multiple Vulnerabilities (NS-SA-2021-0101)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has sudo packages installed that are affected by\nmultiple vulnerabilities:\n\n - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret\n a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to\n that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a\n sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. (CVE-2011-0008)\n\n - check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for\n command execution that involves a gid change but no uid change, which allows local users to bypass an\n intended authentication requirement via the -g option to a sudo command. (CVE-2011-0010)\n\n - Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to\n execute arbitrary code via format string sequences in the program name for sudo. (CVE-2012-0809)\n\n - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations\n that use a netmask syntax, which allows local users to bypass intended command restrictions in\n opportunistic circumstances by executing a command on a host that has an IPv4 address. (CVE-2012-2337)\n\n - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate\n attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting\n the system clock and sudo user timestamp to the epoch. (CVE-2013-1775)\n\n - sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not\n properly validate the controlling terminal device, which allows local users with sudo permissions to\n hijack the authorization of another terminal via vectors related to connecting to the standard input,\n output, and error file descriptors of another terminal. NOTE: this is one of three closely-related\n vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different\n affected versions. (CVE-2013-1776)\n\n - Todd Miller's sudo version 1.8.20p1 and earlier is vulnerable to an input validation (embedded newlines)\n in the get_process_ttyname() function resulting in information disclosure and command execution.\n (CVE-2017-1000368)\n\n - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which\n allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single\n backslash character. (CVE-2021-3156)\n\n - A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is\n exploitable by any local user who can execute the sudo command without authentication. Successful\n exploitation of this flaw could lead to privilege escalation. (CVE-2021-3156)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0101\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2011-0008\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2011-0010\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2012-0809\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2012-2337\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2013-1775\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2013-1776\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2017-1000368\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-3156\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL sudo packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3156\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2017-1000368\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sudo Heap-Based Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:sudo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_core:sudo-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_core:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:5\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL CORE 5.04\" &&\n release !~ \"CGSL MAIN 5.04\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL CORE 5.04': [\n 'sudo-1.8.23-10.el7_9.1.cgslv5_4.0.1.g35f1fa1',\n 'sudo-debuginfo-1.8.23-10.el7_9.1.cgslv5_4.0.1.g35f1fa1',\n 'sudo-devel-1.8.23-10.el7_9.1.cgslv5_4.0.1.g35f1fa1'\n ],\n 'CGSL MAIN 5.04': [\n 'sudo-1.8.23-10.el7_9.1.cgslv5_4.0.1.g35f1fa1',\n 'sudo-debuginfo-1.8.23-10.el7_9.1.cgslv5_4.0.1.g35f1fa1',\n 'sudo-devel-1.8.23-10.el7_9.1.cgslv5_4.0.1.g35f1fa1'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'sudo');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-04-08T05:59:53", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple vulnerabilities:\n\n - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. (CVE-2011-0008)\n\n - check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to bypass an intended authentication requirement via the -g option to a sudo command. (CVE-2011-0010)\n\n - Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to execute arbitrary code via format string sequences in the program name for sudo. (CVE-2012-0809)\n\n - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations that use a netmask syntax, which allows local users to bypass intended command restrictions in opportunistic circumstances by executing a command on a host that has an IPv4 address. (CVE-2012-2337)\n\n - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting the system clock and sudo user timestamp to the epoch. (CVE-2013-1775)\n\n - sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not properly validate the controlling terminal device, which allows local users with sudo permissions to hijack the authorization of another terminal via vectors related to connecting to the standard input, output, and error file descriptors of another terminal. NOTE: this is one of three closely-related vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different affected versions. (CVE-2013-1776)\n\n - sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file, which allows local users to open arbitrary files for read access (but not view file contents) by running a program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log messages, or repositioning tape drives. (CVE-2014-9680)\n\n - sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by /home/*/*/file.txt.\n (CVE-2015-5602)\n\n - sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary commands with elevated privileges. (CVE-2016-7076)\n\n - Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in the get_process_ttyname() function resulting in information disclosure and command execution.\n (CVE-2017-1000367)\n\n - ** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user.\n NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo as a user not present in the local password database is an intentional feature. Because this behavior surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default being disabled. However, this does not change the fact that sudo was behaving as intended, and as documented, in earlier versions. (CVE-2019-19232)\n\n - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single backslash character. (CVE-2021-3156)\n\n - A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is exploitable by any local user who can execute the sudo command without authentication. Successful exploitation of this flaw could lead to privilege escalation. (CVE-2021-3156)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-10-27T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010", "CVE-2012-0809", "CVE-2012-2337", "CVE-2013-1775", "CVE-2013-1776", "CVE-2014-9680", "CVE-2015-5602", "CVE-2016-7076", "CVE-2017-1000367", "CVE-2019-19232", "CVE-2021-3156"], "modified": "2022-04-07T00:00:00", "cpe": ["p-cpe:/a:zte:cgsl_main:sudo", "p-cpe:/a:zte:cgsl_main:sudo-debuginfo", "p-cpe:/a:zte:cgsl_main:sudo-debugsource", "p-cpe:/a:zte:cgsl_main:sudo-devel", "cpe:/o:zte:cgsl_main:6"], "id": "NEWSTART_CGSL_NS-SA-2021-0120_SUDO.NASL", "href": "https://www.tenable.com/plugins/nessus/154540", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0120. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(154540);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/07\");\n\n script_cve_id(\n \"CVE-2011-0008\",\n \"CVE-2011-0010\",\n \"CVE-2012-0809\",\n \"CVE-2012-2337\",\n \"CVE-2013-1775\",\n \"CVE-2013-1776\",\n \"CVE-2014-9680\",\n \"CVE-2015-5602\",\n \"CVE-2016-7076\",\n \"CVE-2017-1000367\",\n \"CVE-2019-19232\",\n \"CVE-2021-3156\"\n );\n script_xref(name:\"IAVA\", value:\"2013-A-0179-S\");\n script_xref(name:\"IAVA\", value:\"2017-A-0165-S\");\n script_xref(name:\"IAVA\", value:\"2021-A-0053\");\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/04/27\");\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : sudo Multiple Vulnerabilities (NS-SA-2021-0120)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NewStart CGSL host is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has sudo packages installed that are affected by multiple\nvulnerabilities:\n\n - A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret\n a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to\n that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a\n sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression. (CVE-2011-0008)\n\n - check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for\n command execution that involves a gid change but no uid change, which allows local users to bypass an\n intended authentication requirement via the -g option to a sudo command. (CVE-2011-0010)\n\n - Format string vulnerability in the sudo_debug function in Sudo 1.8.0 through 1.8.3p1 allows local users to\n execute arbitrary code via format string sequences in the program name for sudo. (CVE-2012-0809)\n\n - sudo 1.6.x and 1.7.x before 1.7.9p1, and 1.8.x before 1.8.4p5, does not properly support configurations\n that use a netmask syntax, which allows local users to bypass intended command restrictions in\n opportunistic circumstances by executing a command on a host that has an IPv4 address. (CVE-2012-2337)\n\n - sudo 1.6.0 through 1.7.10p6 and sudo 1.8.0 through 1.8.6p6 allows local users or physically proximate\n attackers to bypass intended time restrictions and retain privileges without re-authenticating by setting\n the system clock and sudo user timestamp to the epoch. (CVE-2013-1775)\n\n - sudo 1.3.5 through 1.7.10 and 1.8.0 through 1.8.5, when the tty_tickets option is enabled, does not\n properly validate the controlling terminal device, which allows local users with sudo permissions to\n hijack the authorization of another terminal via vectors related to connecting to the standard input,\n output, and error file descriptors of another terminal. NOTE: this is one of three closely-related\n vulnerabilities that were originally assigned CVE-2013-1776, but they have been SPLIT because of different\n affected versions. (CVE-2013-1776)\n\n - sudo before 1.8.12 does not ensure that the TZ environment variable is associated with a zoneinfo file,\n which allows local users to open arbitrary files for read access (but not view file contents) by running a\n program within an sudo session, as demonstrated by interfering with terminal output, discarding kernel-log\n messages, or repositioning tape drives. (CVE-2014-9680)\n\n - sudoedit in Sudo before 1.8.15 allows local users to gain privileges via a symlink attack on a file whose\n full path is defined using multiple wildcards in /etc/sudoers, as demonstrated by /home/*/*/file.txt.\n (CVE-2015-5602)\n\n - sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if application run\n via sudo executed wordexp() C library function with a user supplied argument. A local user permitted to\n run such application via sudo with noexec restriction could possibly use this flaw to execute arbitrary\n commands with elevated privileges. (CVE-2016-7076)\n\n - Todd Miller's sudo version 1.8.20 and earlier is vulnerable to an input validation (embedded spaces) in\n the get_process_ttyname() function resulting in information disclosure and command execution.\n (CVE-2017-1000367)\n\n - ** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a Runas ALL sudoer account can\n impersonate a nonexistent user by invoking sudo with a numeric uid that is not associated with any user.\n NOTE: The software maintainer believes that this is not a vulnerability because running a command via sudo\n as a user not present in the local password database is an intentional feature. Because this behavior\n surprised some users, sudo 1.8.30 introduced an option to enable/disable this behavior with the default\n being disabled. However, this does not change the fact that sudo was behaving as intended, and as\n documented, in earlier versions. (CVE-2019-19232)\n\n - Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which\n allows privilege escalation to root via sudoedit -s and a command-line argument that ends with a single\n backslash character. (CVE-2021-3156)\n\n - A heap-based buffer overflow was found in the way sudo parses command line arguments. This flaw is\n exploitable by any local user who can execute the sudo command without authentication. Successful\n exploitation of this flaw could lead to privilege escalation. (CVE-2021-3156)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0120\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2011-0008\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2011-0010\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2012-0809\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2012-2337\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2013-1775\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2013-1776\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2014-9680\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2015-5602\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2016-7076\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2017-1000367\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2019-19232\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/info/CVE-2021-3156\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL sudo packages. Note that updated packages may not be available yet. Please contact ZTE for\nmore information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2021-3156\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Sudo Heap-Based Buffer Overflow');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/01/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:zte:cgsl_main:sudo-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:zte:cgsl_main:6\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar release = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nvar flag = 0;\n\nvar pkgs = {\n 'CGSL MAIN 6.02': [\n 'sudo-1.8.29-6.el8_3.1.cgslv6_2.0.1.g2081d35',\n 'sudo-debuginfo-1.8.29-6.el8_3.1.cgslv6_2.0.1.g2081d35',\n 'sudo-debugsource-1.8.29-6.el8_3.1.cgslv6_2.0.1.g2081d35',\n 'sudo-devel-1.8.29-6.el8_3.1.cgslv6_2.0.1.g2081d35'\n ]\n};\nvar pkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'sudo');\n}\n", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-03-25T15:36:53", "description": "parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.", "cvss3": {}, "published": "2009-01-30T19:30:00", "type": "debiancve", "title": "CVE-2009-0034", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2009-01-30T19:30:00", "id": "DEBIANCVE:CVE-2009-0034", "href": "https://security-tracker.debian.org/tracker/CVE-2009-0034", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-25T15:36:53", "description": "A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression.", "cvss3": {}, "published": "2011-01-20T19:00:00", "type": "debiancve", "title": "CVE-2011-0008", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008"], "modified": "2011-01-20T19:00:00", "id": "DEBIANCVE:CVE-2011-0008", "href": "https://security-tracker.debian.org/tracker/CVE-2011-0008", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2018-04-06T11:37:41", "description": "The remote host is missing updates announced in\nadvisory GLSA 200902-01.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200902-01 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063335", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063335", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in sudo may allow for privilege escalation.\";\ntag_solution = \"All sudo users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.0'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200902-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=256633\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200902-01.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63335\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200902-01 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-admin/sudo\", unaffected: make_list(\"ge 1.7.0\"), vulnerable: make_list(\"lt 1.7.0\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-24T12:56:50", "description": "The remote host is missing an update to sudo\nannounced via advisory MDVSA-2009:033.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:033 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:63322", "href": "http://plugins.openvas.org/nasl.php?oid=63322", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_033.nasl 6573 2017-07-06 13:10:50Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:033 (sudo)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been identified in sudo which allowed - depending\non the sudoers rules - a sudo-user to execute arbitrary shell commands\nas root (CVE-2009-0034).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.0, 2008.1, 2009.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:033\";\ntag_summary = \"The remote host is missing an update to sudo\nannounced via advisory MDVSA-2009:033.\";\n\n \n\nif(description)\n{\n script_id(63322);\n script_version(\"$Revision: 6573 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:10:50 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:033 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p5~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p13~1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:14:10", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-02-13T00:00:00", "type": "openvas", "title": "FreeBSD Ports: sudo", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2016-12-28T00:00:00", "id": "OPENVAS:63362", "href": "http://plugins.openvas.org/nasl.php?oid=63362", "sourceData": "#\n#VID 13d6d997-f455-11dd-8516-001b77d09812\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 13d6d997-f455-11dd-8516-001b77d09812\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: sudo\n\nCVE-2009-0034\nparse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret\na system group (aka %group) in the sudoers file during authorization\ndecisions for a user who belongs to that group, which allows local\nusers to leverage an applicable sudoers file and gain root privileges\nvia a sudo command.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.gratisoft.us/pipermail/sudo-announce/2009-February/000085.html\nhttp://www.vuxml.org/freebsd/13d6d997-f455-11dd-8516-001b77d09812.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(63362);\n script_version(\"$Revision: 4865 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-12-28 17:16:43 +0100 (Wed, 28 Dec 2016) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_bugtraq_id(33517);\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: sudo\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"sudo\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6.9\")>=0 && revcomp(a:bver, b:\"1.6.9.20\")<0) {\n txt += 'Package sudo version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:21", "description": "The remote host is missing an update to sudo\nannounced via advisory FEDORA-2009-1074.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-1074 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:63324", "href": "http://plugins.openvas.org/nasl.php?oid=63324", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_1074.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-1074 (sudo)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Sudo (superuser do) allows a system administrator to give certain\nusers (or groups of users) the ability to run some (or all) commands\nas root while logging all commands and arguments. Sudo operates on a\nper-command basis. It is not a replacement for the shell. Features\ninclude: the ability to restrict what commands a user may run on a\nper-host basis, copious logging of each command (providing a clear\naudit trail of who did what), a configurable timeout of the sudo\ncommand, and the ability to use the same configuration file (sudoers)\non many different machines.\n\nUpdate Information:\n\nFix for incorrect handling of groups in Runas_User\n\nChangeLog:\n\n* Thu Jan 29 2009 Daniel Kopecek 1.6.9p17-5\n- Fix for incorrect handling of groups in Runas_User\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update sudo' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-1074\";\ntag_summary = \"The remote host is missing an update to sudo\nannounced via advisory FEDORA-2009-1074.\";\n\n\n\nif(description)\n{\n script_id(63324);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-1074 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=481720\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo-debuginfo\", rpm:\"sudo-debuginfo~1.6.9p17~5.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:19", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0267.\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in run\nas lists in the sudoers configuration file. If sudo configuration allowed\na user to run commands as any user of some group and the user was also a\nmember of that group, sudo incorrectly allowed them to run defined commands\nwith the privileges of any system user. This gave the user unintended\nprivileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0267", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063318", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063318", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0267.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0267 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0267.\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in run\nas lists in the sudoers configuration file. If sudo configuration allowed\na user to run commands as any user of some group and the user was also a\nmember of that group, sudo incorrectly allowed them to run defined commands\nwith the privileges of any system user. This gave the user unintended\nprivileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63318\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0267\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0267.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~3.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo-debuginfo\", rpm:\"sudo-debuginfo~1.6.9p17~3.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-27T10:55:39", "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0267.\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in run\nas lists in the sudoers configuration file. If sudo configuration allowed\na user to run commands as any user of some group and the user was also a\nmember of that group, sudo incorrectly allowed them to run defined commands\nwith the privileges of any system user. This gave the user unintended\nprivileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0267", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:63318", "href": "http://plugins.openvas.org/nasl.php?oid=63318", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0267.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0267 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0267.\n\nThe sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in run\nas lists in the sudoers configuration file. If sudo configuration allowed\na user to run commands as any user of some group and the user was also a\nmember of that group, sudo incorrectly allowed them to run defined commands\nwith the privileges of any system user. This gave the user unintended\nprivileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63318);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"RedHat Security Advisory RHSA-2009:0267\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0267.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~3.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo-debuginfo\", rpm:\"sudo-debuginfo~1.6.9p17~3.el5_3.1\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:36:48", "description": "Oracle Linux Local Security Checks ELSA-2009-0267", "cvss3": {}, "published": "2015-10-08T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2009-0267", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310122521", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310122521", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2009-0267.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.122521\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-08 14:47:13 +0300 (Thu, 08 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2009-0267\");\n script_tag(name:\"insight\", value:\"ELSA-2009-0267 - sudo security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2009-0267\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2009-0267.html\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~3.el5_3.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:56:11", "description": "The remote host is missing updates announced in\nadvisory GLSA 200902-01.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200902-01 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:63335", "href": "http://plugins.openvas.org/nasl.php?oid=63335", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in sudo may allow for privilege escalation.\";\ntag_solution = \"All sudo users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-admin/sudo-1.7.0'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200902-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=256633\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200902-01.\";\n\n \n \n\nif(description)\n{\n script_id(63335);\n script_version(\"$Revision: 6595 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:19:55 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200902-01 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-admin/sudo\", unaffected: make_list(\"ge 1.7.0\"), vulnerable: make_list(\"lt 1.7.0\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:29:15", "description": "The remote host is missing an update to sudo\nannounced via advisory USN-722-1.", "cvss3": {}, "published": "2009-02-18T00:00:00", "type": "openvas", "title": "Ubuntu USN-722-1 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:63414", "href": "http://plugins.openvas.org/nasl.php?oid=63414", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_722_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_722_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-722-1 (sudo)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 8.04 LTS:\n sudo 1.6.9p10-1ubuntu3.4\n\nUbuntu 8.10:\n sudo 1.6.9p17-1ubuntu2.1\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-722-1\";\n\ntag_insight = \"Harald Koenig discovered that sudo did not correctly handle certain\nprivilege changes when handling groups. If a local attacker belonged\nto a group included in a RunAs list in the /etc/sudoers file, that\nuser could gain root privileges. This was not an issue for the default\nsudoers file shipped with Ubuntu.\";\ntag_summary = \"The remote host is missing an update to sudo\nannounced via advisory USN-722-1.\";\n\n \n\n\nif(description)\n{\n script_id(63414);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-18 23:13:28 +0100 (Wed, 18 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-722-1 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-722-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"sudo\", ver:\"1.6.9p10-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sudo-ldap\", ver:\"1.6.9p10-1ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sudo\", ver:\"1.6.9p17-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sudo-ldap\", ver:\"1.6.9p17-1ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:40", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2009-02-13T00:00:00", "type": "openvas", "title": "FreeBSD Ports: sudo", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063362", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063362", "sourceData": "#\n#VID 13d6d997-f455-11dd-8516-001b77d09812\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 13d6d997-f455-11dd-8516-001b77d09812\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: sudo\n\nCVE-2009-0034\nparse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret\na system group (aka %group) in the sudoers file during authorization\ndecisions for a user who belongs to that group, which allows local\nusers to leverage an applicable sudoers file and gain root privileges\nvia a sudo command.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.gratisoft.us/pipermail/sudo-announce/2009-February/000085.html\nhttp://www.vuxml.org/freebsd/13d6d997-f455-11dd-8516-001b77d09812.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63362\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-13 20:43:17 +0100 (Fri, 13 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_bugtraq_id(33517);\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: sudo\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"sudo\");\nif(!isnull(bver) && revcomp(a:bver, b:\"1.6.9\")>=0 && revcomp(a:bver, b:\"1.6.9.20\")<0) {\n txt += 'Package sudo version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:28", "description": "The remote host is missing an update to sudo\nannounced via advisory MDVSA-2009:033.", "cvss3": {}, "published": "2009-02-10T00:00:00", "type": "openvas", "title": "Mandrake Security Advisory MDVSA-2009:033 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063322", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063322", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: mdksa_2009_033.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory MDVSA-2009:033 (sudo)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been identified in sudo which allowed - depending\non the sudoers rules - a sudo-user to execute arbitrary shell commands\nas root (CVE-2009-0034).\n\nThe updated packages have been patched to prevent this.\n\nAffected: 2008.0, 2008.1, 2009.0\";\ntag_solution = \"To upgrade automatically use MandrakeUpdate or urpmi. The verification\nof md5 checksums and GPG signatures is performed automatically for you.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=MDVSA-2009:033\";\ntag_summary = \"The remote host is missing an update to sudo\nannounced via advisory MDVSA-2009:033.\";\n\n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63322\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-10 15:52:40 +0100 (Tue, 10 Feb 2009)\");\n script_cve_id(\"CVE-2009-0034\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Mandrake Security Advisory MDVSA-2009:033 (sudo)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p5~1.1mdv2008.0\", rls:\"MNDK_2008.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p13~1.1mdv2008.1\", rls:\"MNDK_2008.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~1.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:45", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "openvas", "title": "Fedora Update for sudo FEDORA-2011-0470", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862803", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862803", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for sudo FEDORA-2011-0470\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862803\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0470\");\n script_cve_id(\"CVE-2011-0008\", \"CVE-2011-0010\", \"CVE-2009-0034\");\n script_name(\"Fedora Update for sudo FEDORA-2011-0470\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sudo'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC14\");\n script_tag(name:\"affected\", value:\"sudo on Fedora 14\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p5~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "Mandriva Update for sudo MDVSA-2011:018 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831316", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for sudo MDVSA-2011:018 (sudo)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2011-01/msg00021.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831316\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 15:31:16 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"MDVSA\", value:\"2011:018\");\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\", \"CVE-2011-0010\");\n script_name(\"Mandriva Update for sudo MDVSA-2011:018 (sudo)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sudo'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_(mes5|2010\\.1|2010\\.0|2009\\.0)\");\n script_tag(name:\"affected\", value:\"sudo on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been found and corrected in sudo:\n\n A a patch for parse.c in sudo does not properly interpret a system\n group (aka %group) in the sudoers file during authorization decisions\n for a user who belongs to that group, which allows local users to\n leverage an applicable sudoers file and gain root privileges via a sudo\n command. NOTE: this vulnerability exists because of a CVE-2009-0034\n regression (CVE-2011-0008).\n\n check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured,\n does not require a password for command execution that involves a\n gid change but no uid change, which allows local users to bypass an\n intended authentication requirement via the -g option to a sudo command\n (CVE-2011-0010).\n\n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. The updated packages have been upgraded to the latest versions\n (1.7.4p6) which is not affected by these issues.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:55:22", "description": "Check for the Version of sudo", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "Mandriva Update for sudo MDVSA-2011:018 (sudo)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2017-07-06T00:00:00", "id": "OPENVAS:831316", "href": "http://plugins.openvas.org/nasl.php?oid=831316", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for sudo MDVSA-2011:018 (sudo)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been found and corrected in sudo:\n\n A a patch for parse.c in sudo does not properly interpret a system\n group (aka %group) in the sudoers file during authorization decisions\n for a user who belongs to that group, which allows local users to\n leverage an applicable sudoers file and gain root privileges via a sudo\n command. NOTE: this vulnerability exists because of a CVE-2009-0034\n regression (CVE-2011-0008).\n \n check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured,\n does not require a password for command execution that involves a\n gid change but no uid change, which allows local users to bypass an\n intended authentication requirement via the -g option to a sudo command\n (CVE-2011-0010).\n \n Packages for 2009.0 are provided as of the Extended Maintenance\n Program. Please visit this link to learn more:\n http://store.mandriva.com/product_info.php?cPath=149&amp;products_id=490\n \n The updated packages have been upgraded to the latest versions\n (1.7.4p6) which is not affected by these issues.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\ntag_affected = \"sudo on Mandriva Linux 2009.0,\n Mandriva Linux 2009.0/X86_64,\n Mandriva Linux 2010.0,\n Mandriva Linux 2010.0/X86_64,\n Mandriva Linux 2010.1,\n Mandriva Linux 2010.1/X86_64,\n Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2011-01/msg00021.php\");\n script_id(831316);\n script_version(\"$Revision: 6570 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:06:35 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 15:31:16 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2011:018\");\n script_cve_id(\"CVE-2009-0034\", \"CVE-2011-0008\", \"CVE-2011-0010\");\n script_name(\"Mandriva Update for sudo MDVSA-2011:018 (sudo)\");\n\n script_summary(\"Check for the Version of sudo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdvmes5.1\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdv2010.0\", rls:\"MNDK_2010.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2009.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p6~0.1mdv2009.0\", rls:\"MNDK_2009.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:39:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "Fedora Update for sudo FEDORA-2011-0455", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310862805", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862805", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for sudo FEDORA-2011-0455\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862805\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 15:31:16 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name:\"FEDORA\", value:\"2011-0455\");\n script_cve_id(\"CVE-2011-0008\", \"CVE-2011-0010\", \"CVE-2009-0034\");\n script_name(\"Fedora Update for sudo FEDORA-2011-0455\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'sudo'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC13\");\n script_tag(name:\"affected\", value:\"sudo on Fedora 13\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p5~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-25T10:55:33", "description": "Check for the Version of sudo", "cvss3": {}, "published": "2011-01-24T00:00:00", "type": "openvas", "title": "Fedora Update for sudo FEDORA-2011-0455", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862805", "href": "http://plugins.openvas.org/nasl.php?oid=862805", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for sudo FEDORA-2011-0455\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"sudo on Fedora 13\";\ntag_insight = \"Sudo (superuser do) allows a system administrator to give certain\n users (or groups of users) the ability to run some (or all) commands\n as root while logging all commands and arguments. Sudo operates on a\n per-command basis. It is not a replacement for the shell. Features\n include: the ability to restrict what commands a user may run on a\n per-host basis, copious logging of each command (providing a clear\n audit trail of who did what), a configurable timeout of the sudo\n command, and the ability to use the same configuration file (sudoers)\n on many different machines.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053341.html\");\n script_id(862805);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-24 15:31:16 +0100 (Mon, 24 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0455\");\n script_cve_id(\"CVE-2011-0008\", \"CVE-2011-0010\", \"CVE-2009-0034\");\n script_name(\"Fedora Update for sudo FEDORA-2011-0455\");\n\n script_summary(\"Check for the Version of sudo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p5~1.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:55:38", "description": "Check for the Version of sudo", "cvss3": {}, "published": "2011-01-21T00:00:00", "type": "openvas", "title": "Fedora Update for sudo FEDORA-2011-0470", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008", "CVE-2011-0010"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:862803", "href": "http://plugins.openvas.org/nasl.php?oid=862803", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for sudo FEDORA-2011-0470\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2011 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"sudo on Fedora 14\";\ntag_insight = \"Sudo (superuser do) allows a system administrator to give certain\n users (or groups of users) the ability to run some (or all) commands\n as root while logging all commands and arguments. Sudo operates on a\n per-command basis. It is not a replacement for the shell. Features\n include: the ability to restrict what commands a user may run on a\n per-host basis, copious logging of each command (providing a clear\n audit trail of who did what), a configurable timeout of the sudo\n command, and the ability to use the same configuration file (sudoers)\n on many different machines.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html\");\n script_id(862803);\n script_version(\"$Revision: 6626 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:30:10 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-01-21 14:59:01 +0100 (Fri, 21 Jan 2011)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2011-0470\");\n script_cve_id(\"CVE-2011-0008\", \"CVE-2011-0010\", \"CVE-2009-0034\");\n script_name(\"Fedora Update for sudo FEDORA-2011-0470\");\n\n script_summary(\"Check for the Version of sudo\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.7.4p5~1.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:55", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-02-02T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:003", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0125", "CVE-2008-2383", "CVE-2008-3197", "CVE-2008-5902", "CVE-2008-1924", "CVE-2009-0034", "CVE-2009-0135", "CVE-2008-5907", "CVE-2008-5432", "CVE-2008-2960", "CVE-2008-5824", "CVE-2008-4326", "CVE-2009-0136", "CVE-2008-5904", "CVE-2008-1567", "CVE-2008-1149", "CVE-2008-5903", "CVE-2008-4309", "CVE-2009-0126", "CVE-2008-4096", "CVE-2008-5081", "CVE-2008-5621"], "modified": "2017-07-11T00:00:00", "id": "OPENVAS:63304", "href": "http://plugins.openvas.org/nasl.php?oid=63304", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_003.nasl 6668 2017-07-11 13:34:29Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:003\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_id(63304);\n script_version(\"$Revision: 6668 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:34:29 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2008-3197\", \"CVE-2008-5081\", \"CVE-2008-5432\", \"CVE-2008-1149\", \"CVE-2008-5824\", \"CVE-2008-5903\", \"CVE-2008-5902\", \"CVE-2008-5907\", \"CVE-2008-5904\", \"CVE-2008-1567\", \"CVE-2009-0125\", \"CVE-2009-0126\", \"CVE-2008-4326\", \"CVE-2008-4309\", \"CVE-2008-2960\", \"CVE-2008-5621\", \"CVE-2008-2383\", \"CVE-2008-1924\", \"CVE-2009-0034\", \"CVE-2009-0136\", \"CVE-2008-4096\", \"CVE-2009-0135\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:003\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"autofs\", rpm:\"autofs~5.0.3~82.28.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager\", rpm:\"backup-manager~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager-lang\", rpm:\"backup-manager-lang~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero\", rpm:\"brasero~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-doc\", rpm:\"brasero-doc~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-lang\", rpm:\"brasero-lang~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~145.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash\", rpm:\"crash~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-devel\", rpm:\"crash-devel~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-doc\", rpm:\"crash-doc~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-sial\", rpm:\"crash-sial~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-main-menu\", rpm:\"gnome-main-menu~0.9.11~22.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mailman\", rpm:\"mailman~2.1.11~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-Bootloader\", rpm:\"perl-Bootloader~0.4.81.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"plotutils\", rpm:\"plotutils~2.5~197.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pure-ftpd\", rpm:\"pure-ftpd~1.0.21~182.32.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~10.36.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tsclient\", rpm:\"tsclient~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tsclient-devel\", rpm:\"tsclient-devel~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xrdp\", rpm:\"xrdp~0.4.1~16.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-bootloader\", rpm:\"yast2-bootloader~2.17.50~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network\", rpm:\"yast2-network~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network-devel-doc\", rpm:\"yast2-network-devel-doc~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils-gtk\", rpm:\"avahi-utils-gtk~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", rpm:\"libnasl~2.2.10~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-default\", rpm:\"nouveau-kmp-default~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-pae\", rpm:\"nouveau-kmp-pae~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-xen\", rpm:\"nouveau-kmp-xen~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.8~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p15~13.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~76.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau\", rpm:\"xorg-x11-driver-video-nouveau~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau-3d\", rpm:\"xorg-x11-driver-video-nouveau-3d~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl\", rpm:\"avahi-compat-howl~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder\", rpm:\"avahi-compat-mDNSResponder~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-devel\", rpm:\"avahi-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-glib\", rpm:\"avahi-glib~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-python\", rpm:\"avahi-python~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt3\", rpm:\"avahi-qt3~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt4\", rpm:\"avahi-qt4~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~75.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", rpm:\"libnasl~2.2.10~15.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p2~23.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~33.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:39:24", "description": "The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.", "cvss3": {}, "published": "2009-02-02T00:00:00", "type": "openvas", "title": "SuSE Security Summary SUSE-SR:2009:003", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-0125", "CVE-2008-2383", "CVE-2008-3197", "CVE-2008-5902", "CVE-2008-1924", "CVE-2009-0034", "CVE-2009-0135", "CVE-2008-5907", "CVE-2008-5432", "CVE-2008-2960", "CVE-2008-5824", "CVE-2008-4326", "CVE-2009-0136", "CVE-2008-5904", "CVE-2008-1567", "CVE-2008-1149", "CVE-2008-5903", "CVE-2008-4309", "CVE-2009-0126", "CVE-2008-4096", "CVE-2008-5081", "CVE-2008-5621"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:136141256231063304", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063304", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: suse_sr_2009_003.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory SUSE-SR:2009:003\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory SUSE-SR:2009:003. SuSE Security Summaries are short\non detail when it comes to the names of packages affected by\na particular bug. Because of this, while this test will detect\nout of date packages, it cannot tell you what bugs impact\nwhich packages, or vice versa.\";\n\ntag_solution = \"Update all out of date packages.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63304\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-02-02 23:28:24 +0100 (Mon, 02 Feb 2009)\");\n script_cve_id(\"CVE-2008-3197\", \"CVE-2008-5081\", \"CVE-2008-5432\", \"CVE-2008-1149\", \"CVE-2008-5824\", \"CVE-2008-5903\", \"CVE-2008-5902\", \"CVE-2008-5907\", \"CVE-2008-5904\", \"CVE-2008-1567\", \"CVE-2009-0125\", \"CVE-2009-0126\", \"CVE-2008-4326\", \"CVE-2008-4309\", \"CVE-2008-2960\", \"CVE-2008-5621\", \"CVE-2008-2383\", \"CVE-2008-1924\", \"CVE-2009-0034\", \"CVE-2009-0136\", \"CVE-2008-4096\", \"CVE-2009-0135\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"SuSE Security Summary SUSE-SR:2009:003\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.10~26.2.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi\", rpm:\"at-spi~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-devel\", rpm:\"at-spi-devel~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-doc\", rpm:\"at-spi-doc~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"at-spi-lang\", rpm:\"at-spi-lang~1.24.0~2.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~140.18.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"autofs\", rpm:\"autofs~5.0.3~82.28.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager\", rpm:\"backup-manager~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"backup-manager-lang\", rpm:\"backup-manager-lang~0.1.0~13.12.2\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.5.0P2~18.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero\", rpm:\"brasero~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-doc\", rpm:\"brasero-doc~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"brasero-lang\", rpm:\"brasero-lang~0.8.3~1.18.3\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~145.8.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash\", rpm:\"crash~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-devel\", rpm:\"crash-devel~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-doc\", rpm:\"crash-doc~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"crash-sial\", rpm:\"crash-sial~4.0.7.4~8.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gnome-main-menu\", rpm:\"gnome-main-menu~0.9.11~22.9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2\", rpm:\"gtk2~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-branding-upstream\", rpm:\"gtk2-branding-upstream~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-devel\", rpm:\"gtk2-devel~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-doc\", rpm:\"gtk2-doc~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"gtk2-lang\", rpm:\"gtk2-lang~2.14.4~6.4.5\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal\", rpm:\"hal~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"hal-devel\", rpm:\"hal-devel~0.5.12~10.12.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.31~4.35.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2\", rpm:\"libxml2~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml2-doc\", rpm:\"libxml2-doc~2.7.1~8.5.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"mailman\", rpm:\"mailman~2.1.11~8.6.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8h~28.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"perl-Bootloader\", rpm:\"perl-Bootloader~0.4.81.1~0.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"plotutils\", rpm:\"plotutils~2.5~197.10.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"pure-ftpd\", rpm:\"pure-ftpd~1.0.21~182.32.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.23~9.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p17~10.36.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tsclient\", rpm:\"tsclient~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"tsclient-devel\", rpm:\"tsclient-devel~2.0.2~2.29.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xrdp\", rpm:\"xrdp~0.4.1~16.7.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-bootloader\", rpm:\"yast2-bootloader~2.17.50~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network\", rpm:\"yast2-network~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"yast2-network-devel-doc\", rpm:\"yast2-network-devel-doc~2.17.66~1.1.1\", rls:\"openSUSE11.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.9.1~27.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"attr\", rpm:\"attr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~115.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils\", rpm:\"avahi-utils~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-utils-gtk\", rpm:\"avahi-utils-gtk~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.2~39.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~119.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr\", rpm:\"libattr~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libattr-devel\", rpm:\"libattr-devel~2.4.43~2.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-client3\", rpm:\"libavahi-client3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-common3\", rpm:\"libavahi-common3~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-core5\", rpm:\"libavahi-core5~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-devel\", rpm:\"libavahi-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib-devel\", rpm:\"libavahi-glib-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-glib1\", rpm:\"libavahi-glib1~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject-devel\", rpm:\"libavahi-gobject-devel~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-gobject0\", rpm:\"libavahi-gobject0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libavahi-ui0\", rpm:\"libavahi-ui0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libdns_sd\", rpm:\"libdns_sd~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libhowl0\", rpm:\"libhowl0~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", rpm:\"libnasl~2.2.10~59.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng3\", rpm:\"libpng3~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng12-0\", rpm:\"libpng12-0~1.2.26~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-debug\", rpm:\"nouveau-kmp-debug~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-default\", rpm:\"nouveau-kmp-default~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-pae\", rpm:\"nouveau-kmp-pae~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nouveau-kmp-xen\", rpm:\"nouveau-kmp-xen~0.10.1.20081112_2.6.25.18_0.2~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"nscd\", rpm:\"nscd~2.8~14.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8g~47.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"python-avahi\", rpm:\"python-avahi~0.6.22~68.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p15~13.4\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~76.2\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau\", rpm:\"xorg-x11-driver-video-nouveau~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"xorg-x11-driver-video-nouveau-3d\", rpm:\"xorg-x11-driver-video-nouveau-3d~0.10.1.20081112~0.3\", rls:\"openSUSE11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok\", rpm:\"amarok~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-lang\", rpm:\"amarok-lang~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-libvisual\", rpm:\"amarok-libvisual~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-xine\", rpm:\"amarok-xine~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"amarok-yauap\", rpm:\"amarok-yauap~1.4.7~37.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile\", rpm:\"audiofile~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"audiofile-devel\", rpm:\"audiofile-devel~0.2.6~77.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi\", rpm:\"avahi~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl\", rpm:\"avahi-compat-howl~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-howl-devel\", rpm:\"avahi-compat-howl-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder\", rpm:\"avahi-compat-mDNSResponder~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-compat-mDNSResponder-devel\", rpm:\"avahi-compat-mDNSResponder-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-devel\", rpm:\"avahi-devel~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-glib\", rpm:\"avahi-glib~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-python\", rpm:\"avahi-python~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt3\", rpm:\"avahi-qt3~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"avahi-qt4\", rpm:\"avahi-qt4~0.6.20~40.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind\", rpm:\"bind~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-chrootenv\", rpm:\"bind-chrootenv~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-devel\", rpm:\"bind-devel~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-doc\", rpm:\"bind-doc~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-libs\", rpm:\"bind-libs~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"bind-utils\", rpm:\"bind-utils~9.4.1.P1~12.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"compat-openssl097g\", rpm:\"compat-openssl097g~0.9.7g~75.5\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-bigsmp\", rpm:\"kernel-bigsmp~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-debug\", rpm:\"kernel-debug~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-default\", rpm:\"kernel-default~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-source\", rpm:\"kernel-source~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-syms\", rpm:\"kernel-syms~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xen\", rpm:\"kernel-xen~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"kernel-xenpae\", rpm:\"kernel-xenpae~2.6.22.19~0.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libnasl\", rpm:\"libnasl~2.2.10~15.2\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl-devel\", rpm:\"libopenssl-devel~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libopenssl0_9_8\", rpm:\"libopenssl0_9_8~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng\", rpm:\"libpng~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libpng-devel\", rpm:\"libpng-devel~1.2.18~15.6\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-certs\", rpm:\"openssl-certs~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"openssl-doc\", rpm:\"openssl-doc~0.9.8e~45.7\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"sudo\", rpm:\"sudo~1.6.9p2~23.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"syslog-ng\", rpm:\"syslog-ng~1.6.12~33.4\", rls:\"openSUSE10.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:10", "description": "The remote host is missing an update to tiff\nannounced via advisory USN-801-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Ubuntu USN-801-1 (tiff)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2347", "CVE-2008-0196", "CVE-2009-1185", "CVE-2009-0034", "CVE-2009-0858", "CVE-2009-2334", "CVE-2009-1424", "CVE-2009-0772", "CVE-2009-0773", "CVE-2009-1422", "CVE-2009-0352", "CVE-2009-0040", "CVE-2009-0652", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-2285", "CVE-2009-2295", "CVE-2009-0771", "CVE-2009-1392", "CVE-2009-0774", "CVE-2008-2327", "CVE-2009-1890", "CVE-2009-0037", "CVE-2009-2335", "CVE-2009-1836", "CVE-2009-2336", "CVE-2009-0353", "CVE-2009-0776", "CVE-2009-1841", "CVE-2009-1423", "CVE-2009-1302", "CVE-2009-1891", "CVE-2009-1307", "CVE-2009-1303", "CVE-2009-1959", "CVE-2009-1425", "CVE-2009-2360"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64442", "href": "http://plugins.openvas.org/nasl.php?oid=64442", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_801_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_801_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-801-1 (tiff)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libtiff4 3.7.4-1ubuntu3.6\n\nUbuntu 8.04 LTS:\n libtiff4 3.8.2-7ubuntu3.4\n\nUbuntu 8.10:\n libtiff4 3.8.2-11ubuntu0.8.10.3\n\nUbuntu 9.04:\n libtiff4 3.8.2-11ubuntu0.9.04.3\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-801-1\";\n\ntag_insight = \"Tielei Wang and Tom Lane discovered that the TIFF library did not correctly\nhandle certain malformed TIFF images. If a user or automated system were\ntricked into processing a malicious image, an attacker could execute\narbitrary code with the privileges of the user invoking the program.\";\ntag_summary = \"The remote host is missing an update to tiff\nannounced via advisory USN-801-1.\";\n\n \n\n\nif(description)\n{\n script_id(64442);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-2347\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2008-2327\", \"CVE-2009-2285\", \"CVE-2009-2295\", \"CVE-2009-0858\", \"CVE-2009-2334\", \"CVE-2009-2335\", \"CVE-2009-2336\", \"CVE-2008-0196\", \"CVE-2009-2360\", \"CVE-2009-0040\", \"CVE-2009-0352\", \"CVE-2009-0353\", \"CVE-2009-0652\", \"CVE-2009-0771\", \"CVE-2009-0772\", \"CVE-2009-0773\", \"CVE-2009-0774\", \"CVE-2009-0776\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1307\", \"CVE-2009-1832\", \"CVE-2009-1392\", \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\", \"CVE-2009-1185\", \"CVE-2009-0034\", \"CVE-2009-0037\", \"CVE-2009-1422\", \"CVE-2009-1423\", \"CVE-2009-1424\", \"CVE-2009-1425\", \"CVE-2009-1959\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-801-1 (tiff)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-801-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml-doc\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml-dev\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnscache-run\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"djbdns\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbndns\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sork-passwd-h3\", ver:\"3.0-2+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-text\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-3ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-3ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-4ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-4ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-6ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-6ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:53", "description": "The remote host is missing an update to apache2\nannounced via advisory USN-802-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Ubuntu USN-802-1 (apache2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2347", "CVE-2008-0196", "CVE-2009-1185", "CVE-2009-0034", "CVE-2009-0858", "CVE-2009-2334", "CVE-2009-1424", "CVE-2009-0772", "CVE-2009-0773", "CVE-2009-1422", "CVE-2009-0352", "CVE-2009-0040", "CVE-2009-0652", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-2285", "CVE-2009-2295", "CVE-2009-0771", "CVE-2009-1392", "CVE-2009-0774", "CVE-2008-2327", "CVE-2009-1890", "CVE-2009-0037", "CVE-2009-2335", "CVE-2009-1836", "CVE-2009-2336", "CVE-2009-0353", "CVE-2009-0776", "CVE-2009-1841", "CVE-2009-1423", "CVE-2009-1302", "CVE-2009-1891", "CVE-2009-1307", "CVE-2009-1303", "CVE-2009-1959", "CVE-2009-1425", "CVE-2009-2360"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64443", "href": "http://plugins.openvas.org/nasl.php?oid=64443", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_802_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_802_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-802-1 (apache2)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n apache2-common 2.0.55-4ubuntu2.6\n apache2-mpm-perchild 2.0.55-4ubuntu2.6\n apache2-mpm-prefork 2.0.55-4ubuntu2.6\n apache2-mpm-worker 2.0.55-4ubuntu2.6\n libapr0 2.0.55-4ubuntu2.6\n\nUbuntu 8.04 LTS:\n apache2-mpm-event 2.2.8-1ubuntu0.10\n apache2-mpm-perchild 2.2.8-1ubuntu0.10\n apache2-mpm-prefork 2.2.8-1ubuntu0.10\n apache2-mpm-worker 2.2.8-1ubuntu0.10\n apache2.2-common 2.2.8-1ubuntu0.10\n\nUbuntu 8.10:\n apache2-mpm-event 2.2.9-7ubuntu3.2\n apache2-mpm-prefork 2.2.9-7ubuntu3.2\n apache2-mpm-worker 2.2.9-7ubuntu3.2\n apache2.2-common 2.2.9-7ubuntu3.2\n\nUbuntu 9.04:\n apache2-mpm-event 2.2.11-2ubuntu2.2\n apache2-mpm-prefork 2.2.11-2ubuntu2.2\n apache2-mpm-worker 2.2.11-2ubuntu2.2\n apache2.2-common 2.2.11-2ubuntu2.2\n\nIn general, a standard system upgrade is sufficient to effect the\nnecessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-802-1\";\n\ntag_insight = \"It was discovered that mod_proxy_http did not properly handle a large\namount of streamed data when used as a reverse proxy. A remote attacker\ncould exploit this and cause a denial of service via memory resource\nconsumption. This issue affected Ubuntu 8.04 LTS, 8.10 and 9.04.\n(CVE-2009-1890)\n\nIt was discovered that mod_deflate did not abort compressing large files\nwhen the connection was closed. A remote attacker could exploit this and\ncause a denial of service via CPU resource consumption. (CVE-2009-1891)\";\ntag_summary = \"The remote host is missing an update to apache2\nannounced via advisory USN-802-1.\";\n\n \n\n\nif(description)\n{\n script_id(64443);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2008-2327\", \"CVE-2009-2285\", \"CVE-2009-2347\", \"CVE-2009-2295\", \"CVE-2009-0858\", \"CVE-2009-2334\", \"CVE-2009-2335\", \"CVE-2009-2336\", \"CVE-2008-0196\", \"CVE-2009-2360\", \"CVE-2009-0040\", \"CVE-2009-0352\", \"CVE-2009-0353\", \"CVE-2009-0652\", \"CVE-2009-0771\", \"CVE-2009-0772\", \"CVE-2009-0773\", \"CVE-2009-0774\", \"CVE-2009-0776\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1307\", \"CVE-2009-1832\", \"CVE-2009-1392\", \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\", \"CVE-2009-1185\", \"CVE-2009-0034\", \"CVE-2009-0037\", \"CVE-2009-1422\", \"CVE-2009-1423\", \"CVE-2009-1424\", \"CVE-2009-1425\", \"CVE-2009-1959\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-802-1 (apache2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-802-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml-doc\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml-dev\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnscache-run\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"djbdns\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbndns\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sork-passwd-h3\", ver:\"3.0-2+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-text\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-3ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-3ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-4ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-4ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-6ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-6ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-04T11:28:19", "description": "The remote host is missing an update to dbus\nannounced via advisory USN-799-1.", "cvss3": {}, "published": "2009-07-29T00:00:00", "type": "openvas", "title": "Ubuntu USN-799-1 (dbus)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-2347", "CVE-2008-0196", "CVE-2009-1185", "CVE-2009-0034", "CVE-2009-0858", "CVE-2009-2334", "CVE-2009-1424", "CVE-2009-0772", "CVE-2009-0773", "CVE-2009-1422", "CVE-2009-0352", "CVE-2009-0040", "CVE-2009-0652", "CVE-2009-1838", "CVE-2009-1832", "CVE-2009-2285", "CVE-2009-2295", "CVE-2009-0771", "CVE-2009-1392", "CVE-2009-0774", "CVE-2008-2327", "CVE-2009-1890", "CVE-2009-0037", "CVE-2009-2335", "CVE-2009-1836", "CVE-2009-2336", "CVE-2009-0353", "CVE-2009-0776", "CVE-2009-1841", "CVE-2009-1423", "CVE-2009-1302", "CVE-2009-1189", "CVE-2009-1891", "CVE-2009-1307", "CVE-2009-1303", "CVE-2009-1959", "CVE-2009-1425", "CVE-2009-2360"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:64441", "href": "http://plugins.openvas.org/nasl.php?oid=64441", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: ubuntu_799_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# $Id: ubuntu_799_1.nasl 7969 2017-12-01 09:23:16Z santu $\n# Description: Auto-generated from advisory USN-799-1 (dbus)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_solution = \"The problem can be corrected by upgrading your system to the\n following package versions:\n\nUbuntu 6.06 LTS:\n libdbus-1-2 0.60-6ubuntu8.4\n\nUbuntu 8.04 LTS:\n libdbus-1-3 1.1.20-1ubuntu3.3\n\nUbuntu 8.10:\n libdbus-1-3 1.2.4-0ubuntu1.1\n\nUbuntu 9.04:\n libdbus-1-3 1.2.12-0ubuntu2.1\n\nAfter a standard system upgrade you need to reboot your computer to\neffect the necessary changes.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=USN-799-1\";\n\ntag_insight = \"It was discovered that the D-Bus library did not correctly validate\nsignatures. If a local user sent a specially crafted D-Bus key, they could\nspoof a valid signature and bypass security policies.\";\ntag_summary = \"The remote host is missing an update to dbus\nannounced via advisory USN-799-1.\";\n\n \n\n\nif(description)\n{\n script_id(64441);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-07-29 19:28:37 +0200 (Wed, 29 Jul 2009)\");\n script_cve_id(\"CVE-2009-1189\", \"CVE-2009-2347\", \"CVE-2009-1890\", \"CVE-2009-1891\", \"CVE-2008-2327\", \"CVE-2009-2285\", \"CVE-2009-2295\", \"CVE-2009-0858\", \"CVE-2009-2334\", \"CVE-2009-2335\", \"CVE-2009-2336\", \"CVE-2008-0196\", \"CVE-2009-2360\", \"CVE-2009-0040\", \"CVE-2009-0352\", \"CVE-2009-0353\", \"CVE-2009-0652\", \"CVE-2009-0771\", \"CVE-2009-0772\", \"CVE-2009-0773\", \"CVE-2009-0774\", \"CVE-2009-0776\", \"CVE-2009-1302\", \"CVE-2009-1303\", \"CVE-2009-1307\", \"CVE-2009-1832\", \"CVE-2009-1392\", \"CVE-2009-1836\", \"CVE-2009-1838\", \"CVE-2009-1841\", \"CVE-2009-1185\", \"CVE-2009-0034\", \"CVE-2009-0037\", \"CVE-2009-1422\", \"CVE-2009-1423\", \"CVE-2009-1424\", \"CVE-2009-1425\", \"CVE-2009-1959\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Ubuntu USN-799-1 (dbus)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-799-1/\");\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"dbus-1-doc\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-cil\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"monodoc-dbus-1-manual\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-1-utils\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-2\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-dev\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-glib-1-2\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-glib-1-dev\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-qt-1-1c2\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-qt-1-dev\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"python2.4-dbus\", ver:\"0.60-6ubuntu8.4\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-1-doc\", ver:\"1.1.20-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-x11\", ver:\"1.1.20-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus\", ver:\"1.1.20-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-3\", ver:\"1.1.20-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-dev\", ver:\"1.1.20-1ubuntu3.3\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-1-doc\", ver:\"1.2.4-0ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-x11\", ver:\"1.2.4-0ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus\", ver:\"1.2.4-0ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-3\", ver:\"1.2.4-0ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-dev\", ver:\"1.2.4-0ubuntu1.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-1-doc\", ver:\"1.2.12-0ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus-x11\", ver:\"1.2.12-0ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbus\", ver:\"1.2.12-0ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-3\", ver:\"1.2.12-0ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libdbus-1-dev\", ver:\"1.2.12-0ubuntu2.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.7.4-1ubuntu3.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.8.2-7ubuntu3.4\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.8.2-11ubuntu0.8.10.3\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-doc\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-tools\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4-dev\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff4\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiffxx0c2\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtiff-opengl\", ver:\"3.8.2-11ubuntu0.9.04.3\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-common\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr0-dev\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libapr0\", ver:\"2.0.55-4ubuntu2.6\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-perchild\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.10\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.9-7ubuntu3.2\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-doc\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-src\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-event\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-prefork\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-mpm-worker\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-prefork-dev\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-threaded-dev\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-utils\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec-custom\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"apache2-suexec\", ver:\"2.2.11-2ubuntu2.2\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml-doc\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml-dev\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcamlimages-ocaml\", ver:\"2.2.0-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dnscache-run\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"djbdns\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"dbndns\", ver:\"1.05-4+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"sork-passwd-h3\", ver:\"3.0-2+lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dbg\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-gnome-support\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"icedove-dev\", ver:\"2.0.0.22-0lenny1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-text\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.10-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-3ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-3ubuntu3.1\", rls:\"UBUNTU8.04 LTS\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-4ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-4ubuntu2.1\", rls:\"UBUNTU8.10\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi-dev\", ver:\"0.8.12-6ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"irssi\", ver:\"0.8.12-6ubuntu1.1\", rls:\"UBUNTU9.04\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2022-01-19T16:03:50", "description": "\n\nTodd Miller reports:\n\nA bug was introduced in Sudo's group matching code in version\n\t 1.6.9 when support for matching based on the supplemental group\n\t vector was added. This bug may allow certain users listed in\n\t the sudoers file to run a command as a different user than their\n\t access rule specifies.\n\n\n", "cvss3": {}, "published": "2009-02-04T00:00:00", "type": "freebsd", "title": "sudo -- certain authorized users could run commands as any user", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-04T00:00:00", "id": "13D6D997-F455-11DD-8516-001B77D09812", "href": "https://vuxml.freebsd.org/freebsd/13d6d997-f455-11dd-8516-001b77d09812.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "seebug": [{"lastseen": "2017-11-19T19:02:14", "description": "BUGTRAQ ID: 33517\r\nCVE(CAN) ID: CVE-2009-0034\r\n\r\nSudo\u662f\u4e00\u6b3e\u5141\u8bb8\u7528\u6237\u4ee5\u5176\u4ed6\u7528\u6237\u6743\u9650\u5b89\u5168\u5730\u6267\u884c\u547d\u4ee4\u7684\u7a0b\u5e8f\uff0c\u5e7f\u6cdb\u4f7f\u7528\u5728Linux\u548cUnix\u64cd\u4f5c\u7cfb\u7edf\u4e0b\u3002\r\n\r\nsudo\u5728\u786e\u8ba4\u7528\u6237\u5c5e\u4e8e\u54ea\u4e2a\u7ec4\u7684\u65f6\u5019sudo\u4e2d\u7684parse.c\u6587\u4ef6\u6ca1\u6709\u6b63\u786e\u5730\u89e3\u91casudoer\u914d\u7f6e\u6587\u4ef6\u4e2d\u7684\u7cfb\u7edf\u7ec4\uff08\u4e5f\u88ab\u79f0\u4e3a%group\uff09\uff0c\u672c\u5730\u7528\u6237\u53ef\u4ee5\u5229\u7528run-as-user-in-group\u529f\u80fd\u65e0\u9700\u53e3\u4ee4\u8ba4\u8bc1\u4fbf\u4ee5root\u7528\u6237\u6743\u9650\u6267\u884csudo\u547d\u4ee4\u3002\n\nTodd Miller Sudo 1.6.9p17 - 1.6.9p19\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nRedHat\r\n------\r\nRedHat\u5df2\u7ecf\u4e3a\u6b64\u53d1\u5e03\u4e86\u4e00\u4e2a\u5b89\u5168\u516c\u544a\uff08RHSA-2009:0267-01\uff09\u4ee5\u53ca\u76f8\u5e94\u8865\u4e01:\r\nRHSA-2009:0267-01\uff1aModerate: sudo security update\r\n\u94fe\u63a5\uff1a<a href=https://www.redhat.com/support/errata/RHSA-2009-0267.html target=_blank rel=external nofollow>https://www.redhat.com/support/errata/RHSA-2009-0267.html</a>", "cvss3": {}, "published": "2009-02-19T00:00:00", "type": "seebug", "title": "Todd Miller Sudo Runas_Alias\u7ec4\u672c\u5730\u6743\u9650\u63d0\u5347\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-19T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4797", "id": "SSV:4797", "sourceData": "", "sourceHref": "", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2022-01-17T19:14:42", "description": "### Background\n\nsudo allows a system administrator to give users the ability to run commands as other users. \n\n### Description\n\nHarald Koenig discovered that sudo incorrectly handles group specifications in Runas_Alias (and related) entries when a group is specified in the list (using %group syntax, to allow a user to run commands as any member of that group) and the user is already a member of that group. \n\n### Impact\n\nA local attacker could possibly run commands as an arbitrary system user (including root). \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll sudo users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-admin/sudo-1.7.0\"", "cvss3": {}, "published": "2009-02-06T00:00:00", "type": "gentoo", "title": "sudo: Privilege escalation", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-06T00:00:00", "id": "GLSA-200902-01", "href": "https://security.gentoo.org/glsa/200902-01", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntu": [{"lastseen": "2022-01-04T13:29:12", "description": "Harald Koenig discovered that sudo did not correctly handle certain \nprivilege changes when handling groups. If a local attacker belonged \nto a group included in a \"RunAs\" list in the /etc/sudoers file, that \nuser could gain root privileges. This was not an issue for the default \nsudoers file shipped with Ubuntu.\n", "cvss3": {}, "published": "2009-02-17T00:00:00", "type": "ubuntu", "title": "sudo vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-17T00:00:00", "id": "USN-722-1", "href": "https://ubuntu.com/security/notices/USN-722-1", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "cve": [{"lastseen": "2022-03-23T21:13:42", "description": "parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command.", "cvss3": {}, "published": "2009-01-30T19:30:00", "type": "cve", "title": "CVE-2009-0034", "cwe": ["CWE-264"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2018-10-11T20:59:00", "cpe": ["cpe:/a:todd_miller:sudo:1.6.9_p19", "cpe:/a:todd_miller:sudo:1.6.9_p17", "cpe:/a:todd_miller:sudo:1.6.9_p18"], "id": "CVE-2009-0034", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0034", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:todd_miller:sudo:1.6.9_p17:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p19:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p18:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T11:27:51", "description": "A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via a sudo command. NOTE: this vulnerability exists because of a CVE-2009-0034 regression.", "cvss3": {}, "published": "2011-01-20T19:00:00", "type": "cve", "title": "CVE-2011-0008", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034", "CVE-2011-0008"], "modified": "2017-08-17T01:33:00", "cpe": ["cpe:/a:todd_miller:sudo:1.7.3b1", "cpe:/a:todd_miller:sudo:1.6.3p5", "cpe:/a:todd_miller:sudo:1.5", "cpe:/a:todd_miller:sudo:1.6.8p9", "cpe:/a:todd_miller:sudo:1.6.6", "cpe:/a:todd_miller:sudo:1.6.9p20", "cpe:/a:todd_miller:sudo:1.6.3_p2", "cpe:/a:todd_miller:sudo:1.6.7p2", "cpe:/a:todd_miller:sudo:1.6.9p16", "cpe:/a:todd_miller:sudo:1.7.1", "cpe:/a:todd_miller:sudo:1.5.9", "cpe:/a:todd_miller:sudo:1.6.9p15", "cpe:/a:todd_miller:sudo:1.6.9p19", "cpe:/a:todd_miller:sudo:1.7.4p1", "cpe:/a:todd_miller:sudo:1.6.3", "cpe:/a:todd_miller:sudo:1.6.7", "cpe:/a:todd_miller:sudo:1.6.9_p18", "cpe:/a:todd_miller:sudo:1.6.8_p1", "cpe:/a:todd_miller:sudo:1.6.7p5", "cpe:/a:todd_miller:sudo:1.6.5", "cpe:/a:todd_miller:sudo:1.6.9_p21", "cpe:/a:todd_miller:sudo:1.6.9p2", "cpe:/a:todd_miller:sudo:1.6.5p2", "cpe:/a:todd_miller:sudo:1.6.9p11", "cpe:/a:todd_miller:sudo:1.6.9_p22", "cpe:/a:todd_miller:sudo:1.7.2p5", "cpe:/a:todd_miller:sudo:1.5.8", "cpe:/a:todd_miller:sudo:1.6.8p12", "cpe:/a:todd_miller:sudo:1.6.9p5", "cpe:/a:todd_miller:sudo:1.6.3p1", "cpe:/a:todd_miller:sudo:1.6.8", "cpe:/a:todd_miller:sudo:1.6.8_p5", "cpe:/a:todd_miller:sudo:1.5.7", "cpe:/a:todd_miller:sudo:1.6.2", "cpe:/a:todd_miller:sudo:1.7.2p1", "cpe:/a:todd_miller:sudo:1.6.8p11", "cpe:/a:todd_miller:sudo:1.6.9_p17", "cpe:/a:todd_miller:sudo:1.6.3p7", "cpe:/a:todd_miller:sudo:1.6.2p3", "cpe:/a:todd_miller:sudo:1.6.7p3", "cpe:/a:todd_miller:sudo:1.6.8p2", "cpe:/a:todd_miller:sudo:1.6.8p10", "cpe:/a:todd_miller:sudo:1.6.8p1", "cpe:/a:todd_miller:sudo:1.7.2p4", "cpe:/a:todd_miller:sudo:1.6.9p17", "cpe:/a:todd_miller:sudo:1.6.4p1", "cpe:/a:todd_miller:sudo:1.6.9p22", "cpe:/a:todd_miller:sudo:1.6.3p6", "cpe:/a:todd_miller:sudo:1.7.2p7", "cpe:/a:todd_miller:sudo:1.6.9_p19", "cpe:/a:todd_miller:sudo:1.6.9p21", "cpe:/a:todd_miller:sudo:1.6.4p2", "cpe:/a:todd_miller:sudo:1.5.2", "cpe:/a:todd_miller:sudo:1.7.2p6", "cpe:/a:todd_miller:sudo:1.6.2p1", "cpe:/a:todd_miller:sudo:1.6.8_p12", "cpe:/a:todd_miller:sudo:1.6.1", "cpe:/a:todd_miller:sudo:1.6.2p2", "cpe:/a:todd_miller:sudo:1.6.5_p1", "cpe:/a:todd_miller:sudo:1.6.9_p20", "cpe:/a:todd_miller:sudo:1.7.4", "cpe:/a:todd_miller:sudo:1.7.4p5", "cpe:/a:todd_miller:sudo:1.6.9p23", "cpe:/a:todd_miller:sudo:1.6.9p13", "cpe:/a:todd_miller:sudo:1.6.9p18", "cpe:/a:todd_miller:sudo:1.7.2", "cpe:/a:todd_miller:sudo:1.6.8_p8", "cpe:/a:todd_miller:sudo:1.7.2p2", "cpe:/a:todd_miller:sudo:1.6.7p4", "cpe:/a:todd_miller:sudo:1.6.3p2", "cpe:/a:todd_miller:sudo:1.6.9p14", "cpe:/a:todd_miller:sudo:1.6.8_p9", "cpe:/a:todd_miller:sudo:1.6.8_p7", "cpe:/a:todd_miller:sudo:1.6.9p10", "cpe:/a:todd_miller:sudo:1.6.9p6", "cpe:/a:todd_miller:sudo:1.6.9p1", "cpe:/a:todd_miller:sudo:1.6.8_p2", "cpe:/a:todd_miller:sudo:1.6.8p5", "cpe:/a:todd_miller:sudo:1.6.3_p4", "cpe:/a:todd_miller:sudo:1.6.5_p2", "cpe:/a:todd_miller:sudo:1.5.6", "cpe:/a:todd_miller:sudo:1.6.3_p5", "cpe:/a:todd_miller:sudo:1.6.4", "cpe:/a:todd_miller:sudo:1.6.8p3", "cpe:/a:todd_miller:sudo:1.6.9p4", "cpe:/a:todd_miller:sudo:1.6.9p8", "cpe:/a:todd_miller:sudo:1.6.9p7", "cpe:/a:todd_miller:sudo:1.6.4_p2", "cpe:/a:todd_miller:sudo:1.6.9p9", "cpe:/a:todd_miller:sudo:1.3.1", "cpe:/a:todd_miller:sudo:1.6.7_p5", "cpe:/a:todd_miller:sudo:1.6.3_p6", "cpe:/a:todd_miller:sudo:1.6.3_p3", "cpe:/a:todd_miller:sudo:1.6.3p3", "cpe:/a:todd_miller:sudo:1.5.3", "cpe:/a:todd_miller:sudo:1.6.8p6", "cpe:/a:todd_miller:sudo:1.6.9p3", "cpe:/a:todd_miller:sudo:1.6.8p7", "cpe:/a:todd_miller:sudo:1.6.3_p7", "cpe:/a:todd_miller:sudo:1.6.9p12", "cpe:/a:todd_miller:sudo:1.6.9", "cpe:/a:todd_miller:sudo:1.6.8p4", "cpe:/a:todd_miller:sudo:1.6.7p1", "cpe:/a:todd_miller:sudo:1.7.0", "cpe:/a:todd_miller:sudo:1.6.3_p1", "cpe:/a:todd_miller:sudo:1.6", "cpe:/a:todd_miller:sudo:1.7.4p3", "cpe:/a:todd_miller:sudo:1.7.4p2", "cpe:/a:todd_miller:sudo:1.6.5p1", "cpe:/a:todd_miller:sudo:1.7.4p4", "cpe:/a:todd_miller:sudo:1.7.2p3", "cpe:/a:todd_miller:sudo:1.6.3p4", "cpe:/a:todd_miller:sudo:1.6.8p8", "cpe:/a:todd_miller:sudo:1.6.4_p1"], "id": "CVE-2011-0008", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-0008", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:todd_miller:sudo:1.6.9p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.4p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.4_p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.4p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.2p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.4p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p12:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.5_p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7_p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.4p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.5p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p21:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p9:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p23:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p19:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p15:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.4p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p17:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p8:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p13:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p11:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p20:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p9:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p18:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p9:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.5_p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.5p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.2p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p12:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p17:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p14:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p21:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.4p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3_p7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.3p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8_p12:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p8:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p22:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p20:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p10:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p22:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p11:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.2p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p8:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p5:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.4p2:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.2p3:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.4_p1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p16:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.7.3b1:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9_p18:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.8p10:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.9p19:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:todd_miller:sudo:1.6.2:*:*:*:*:*:*:*"]}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "description": "Sudo (superuser do) allows a system administrator to give certain users (or groups of users) the ability to run some (or all) commands as root while logging all commands and arguments. Sudo operates on a per-command basis. It is not a replacement for the shell. Features include: the ability to restrict what commands a user may run on a per-host basis, copious logging of each command (providing a clear audit trail of who did what), a configurable timeout of the sudo command, and the ability to use the same configuration file (sudoers) on many different machines. ", "cvss3": {}, "published": "2009-02-05T02:08:39", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: sudo-1.6.9p17-5.fc10", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-05T02:08:39", "id": "FEDORA:9EB8F20896F", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PBP5J44VKES6WHDLG3KAW37EC3HAYH35/", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-21T04:46:01", "description": "The sudo (superuser do) utility allows system administrators to give\ncertain users the ability to run commands as root with logging.\n\nA flaw was discovered in a way sudo handled group specifications in \"run\nas\" lists in the sudoers configuration file. If sudo configuration allowed\na user to run commands as any user of some group and the user was also a\nmember of that group, sudo incorrectly allowed them to run defined commands\nwith the privileges of any system user. This gave the user unintended\nprivileges. (CVE-2009-0034)\n\nUsers of sudo should update to this updated package, which contains a\nbackported patch to resolve this issue.", "cvss3": {}, "published": "2009-02-05T00:00:00", "type": "redhat", "title": "(RHSA-2009:0267) Moderate: sudo security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2017-09-08T08:18:02", "id": "RHSA-2009:0267", "href": "https://access.redhat.com/errata/RHSA-2009:0267", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:34:49", "description": "[1.6.9p17-3.el5_3.1]\n- audit patch rediff (one chunk failed to apply due to fuzz=0)\n- Fix for incorrect handling of groups in Runas_User (#481720)\n Resolves: #481820", "cvss3": {}, "published": "2009-02-05T00:00:00", "type": "oraclelinux", "title": "sudo security update", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2009-0034"], "modified": "2009-02-05T00:00:00", "id": "ELSA-2009-0267", "href": "http://linux.oracle.com/errata/ELSA-2009-0267.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "ubuntucve": [{"lastseen": "2021-11-22T22:00:09", "description": "parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a\nsystem group (aka %group) in the sudoers file during authorization\ndecisions for a user who belongs to that group, which allows local users to\nleverage an applicable sudoers file and gain root privileges via a sudo\ncommand.", "cvss3": {}, "published": "2009-01-30T00:00:00", "type": "ubuntucve", "title": "CVE-2009-0034", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034"], "modified": "2009-01-30T00:00:00", "id": "UB:CVE-2009-0034", "href": "https://ubuntu.com/security/CVE-2009-0034", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "vmware": [{"lastseen": "2022-05-26T00:57:02", "description": "a. Service Console package udevA vulnerability in the udev program did not verify whether a NETLINKmessage originates from kernel space, which allows local users togain privileges by sending a NETLINK message from user space.The Common Vulnerabilities and Exposures Project (cve.mitre.org)has assigned the name CVE-2009-1185 to this issue.Please see http://kb.vmware.com/kb/1011786 for details.The following table lists what action remediates the vulnerability(column 4) if a solution is available.", "cvss3": {}, "published": "2009-07-10T00:00:00", "type": "vmware", "title": "ESX Service Console updates for udev, sudo, and curl", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 3.9, "obtainAllPrivilege": true, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 7.2, "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0034", "CVE-2009-0037", "CVE-2009-1185"], "modified": "2009-07-10T00:00:00", "id": "VMSA-2009-0009", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0009.html", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}]}
Fedora Core 10 FEDORA-2009-1074 (sudo)
