Lucene search
Copyright (C) 2011 Greenbone AGOPENVAS:136141256231069566HistoryMay 12, 2011 - 12:00 a.m.
Debian: Security Advisory (DSA-2223-1)
2011-05-1200:00:00
Copyright (C) 2011 Greenbone AG
plugins.openvas.org
7
6.6 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.7%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2011 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.69566");
script_cve_id("CVE-2011-1522");
script_tag(name:"creation_date", value:"2011-05-12 17:21:50 +0000 (Thu, 12 May 2011)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Debian: Security Advisory (DSA-2223-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2011 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB6");
script_xref(name:"Advisory-ID", value:"DSA-2223-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2011/DSA-2223-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-2223");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'doctrine' package(s) announced via the DSA-2223-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"It was discovered that Doctrine, a PHP library for implementing object persistence, contains SQL injection vulnerabilities. The exact impact depends on the application which uses the Doctrine library.
For the stable distribution (squeeze), this problem has been fixed in version 1.2.2-2+squeeze1.
We recommend that you upgrade your doctrine packages.");
script_tag(name:"affected", value:"'doctrine' package(s) on Debian 6.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB6") {
if(!isnull(res = isdpkgvuln(pkg:"doctrine", ver:"1.2.2-2+squeeze1", rls:"DEB6"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
openvas
openvas
Debian Security Advisory DSA 2223-1 (doctrine)
2011-05-12 00:00:00
cvelist
cvelist
CVE-2011-1522
2022-10-03 16:15:10
nessus
nessus
Debian DSA-2223-1 : doctrine - SQL injection
2011-04-21 00:00:00
ubuntucve
ubuntucve
CVE-2011-1522
2011-05-03 00:00:00
debian
debian
[SECURITY] [DSA 2223-1] doctrine security update
2011-04-20 18:34:22
debiancve
debiancve
CVE-2011-1522
2011-05-03 20:55:00
prion
prion
Sql injection
2011-05-03 20:55:00
securityvulns
securityvulns
[SECURITY] [DSA 2223-1] doctrine security update
2011-04-21 00:00:00
cve
cve
CVE-2011-1522
2011-05-03 20:55:00
6.6 Medium
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.006 Low
EPSS
Percentile
78.7%
Related for OPENVAS:136141256231069566