Search...

Ubuntu: Security Advisory for python3.7 (USN-4333-1)

2020-04-22T00:00:00

ID OPENVAS:1361412562310844398
Type openvas
Reporter Copyright (C) 2020 Greenbone Networks GmbH
Modified 2020-04-26T00:00:00

Description

The remote host is missing an update for the

                                        
                                            # Copyright (C) 2020 Greenbone Networks GmbH
# Some text descriptions might be excerpted from the referenced
# advisories, and are Copyright (C) by the respective right holder(s)
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.844398");
  script_version("2020-04-26T06:11:04+0000");
  script_cve_id("CVE-2019-18348", "CVE-2020-8492");
  script_tag(name:"cvss_base", value:"7.1");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:N/A:C");
  script_tag(name:"last_modification", value:"2020-04-26 06:11:04 +0000 (Sun, 26 Apr 2020)");
  script_tag(name:"creation_date", value:"2020-04-22 03:01:10 +0000 (Wed, 22 Apr 2020)");
  script_name("Ubuntu: Security Advisory for python3.7 (USN-4333-1)");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2020 Greenbone Networks GmbH");
  script_family("Ubuntu Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/ubuntu_linux", "ssh/login/packages", re:"ssh/login/release=(UBUNTU19\.10|UBUNTU18\.04 LTS|UBUNTU16\.04 LTS)");

  script_xref(name:"USN", value:"4333-1");
  script_xref(name:"URL", value:"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005397.html");

  script_tag(name:"summary", value:"The remote host is missing an update for the 'python3.7'
  package(s) announced via the USN-4333-1 advisory.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");

  script_tag(name:"insight", value:"It was discovered that Python incorrectly stripped certain characters from
requests. A remote attacker could use this issue to perform CRLF injection.
(CVE-2019-18348)

It was discovered that Python incorrectly handled certain HTTP requests.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8492)");

  script_tag(name:"affected", value:"'python3.7' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.");

  script_tag(name:"solution", value:"Please install the updated package(s).");

  script_tag(name:"solution_type", value:"VendorFix");
  script_tag(name:"qod_type", value:"package");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-deb.inc");

release = dpkg_get_ssh_release();
if(!release)
  exit(0);

res = "";
report = "";

if(release == "UBUNTU19.10") {

  if(!isnull(res = isdpkgvuln(pkg:"python3.7", ver:"3.7.5-2~19.10ubuntu1", rls:"UBUNTU19.10"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python3.7-minimal", ver:"3.7.5-2~19.10ubuntu1", rls:"UBUNTU19.10"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU18.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"python2.7", ver:"2.7.17-1~18.04ubuntu1", rls:"UBUNTU18.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python2.7-minimal", ver:"2.7.17-1~18.04ubuntu1", rls:"UBUNTU18.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python3.6", ver:"3.6.9-1~18.04ubuntu1", rls:"UBUNTU18.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python3.6-minimal", ver:"3.6.9-1~18.04ubuntu1", rls:"UBUNTU18.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

if(release == "UBUNTU16.04 LTS") {

  if(!isnull(res = isdpkgvuln(pkg:"python2.7", ver:"2.7.12-1ubuntu0~16.04.11", rls:"UBUNTU16.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python2.7-minimal", ver:"2.7.12-1ubuntu0~16.04.11", rls:"UBUNTU16.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python3.5", ver:"3.5.2-2ubuntu0~16.04.10", rls:"UBUNTU16.04 LTS"))) {
    report += res;
  }

  if(!isnull(res = isdpkgvuln(pkg:"python3.5-minimal", ver:"3.5.2-2ubuntu0~16.04.10", rls:"UBUNTU16.04 LTS"))) {
    report += res;
  }

  if(report != "") {
    security_message(data:report);
  } else if(__pkg_match) {
    exit(99);
  }
  exit(0);
}

exit(0);

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310844398", "type": "openvas", "bulletinFamily": "scanner", "title": "Ubuntu: Security Advisory for python3.7 (USN-4333-1)", "description": "The remote host is missing an update for the ", "published": "2020-04-22T00:00:00", "modified": "2020-04-26T00:00:00", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844398", "reporter": "Copyright (C) 2020 Greenbone Networks GmbH", "references": ["https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005397.html", "4333-1"], "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "lastseen": "2020-04-28T17:18:54", "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2020-8492", "CVE-2019-18348"]}, {"type": "nessus", "idList": ["UBUNTU_USN-4333-1.NASL", "FREEBSD_PKG_33C05D57BF6E11EABA1E0800273F78D3.NASL", "SUSE_SU-2020-3865-1.NASL", "FEDORA_2020-8BDD3FD7A4.NASL", "SUSE_SU-2020-0854-1.NASL", "FEDORA_2020-EA5BDBCC90.NASL", "FREEBSD_PKG_2CB21232FB3211EAA929A4BF014BF5F7.NASL", "SUSE_SU-2020-1524-1.NASL", "PHOTONOS_PHSA-2020-1_0-0304_PYTHON3.NASL", "UBUNTU_USN-4333-2.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220201296", "OPENVAS:1361412562310878038", "OPENVAS:1361412562310113639", "OPENVAS:1361412562310877895", "OPENVAS:1361412562311220201321", "OPENVAS:1361412562310844416", "OPENVAS:1361412562310853167", "OPENVAS:1361412562310113637", "OPENVAS:1361412562310877872", "OPENVAS:1361412562310113638"]}, {"type": "ubuntu", "idList": ["USN-4333-2", "USN-4333-1"]}, {"type": "freebsd", "idList": ["A27B0BB6-84FC-11EA-B5B4-641C67A117D8", "CA595A25-91D8-11EA-B470-080027846A02", "2CB21232-FB32-11EA-A929-A4BF014BF5F7", "33C05D57-BF6E-11EA-BA1E-0800273F78D3"]}, {"type": "fedora", "idList": ["FEDORA:6C76E608E1F6", "FEDORA:EC30530A4CD0", "FEDORA:1523A318B2F7", "FEDORA:A7E596153F56"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:322886B40F0FE55C516FF12037103125"]}, {"type": "gentoo", "idList": ["GLSA-202005-09"]}, {"type": "amazon", "idList": ["ALAS-2020-1407", "ALAS2-2020-1471", "ALAS-2020-1406", "ALAS2-2020-1432"]}, {"type": "redhat", "idList": ["RHSA-2020:4273", "RHSA-2020:4433", "RHSA-2020:3888", "RHSA-2020:4285"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0696-1", "OPENSUSE-SU-2020:0274-1"]}, {"type": "centos", "idList": ["CESA-2020:3888"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4433", "ELSA-2020-3888"]}, {"type": "debian", "idList": ["DEBIAN:DLA-2280-1:96280"]}], "modified": "2020-04-28T17:18:54", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2020-04-28T17:18:54", "rev": 2}, "vulnersScore": 7.1}, "pluginID": "1361412562310844398", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844398\");\n script_version(\"2020-04-26T06:11:04+0000\");\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-04-26 06:11:04 +0000 (Sun, 26 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-22 03:01:10 +0000 (Wed, 22 Apr 2020)\");\n script_name(\"Ubuntu: Security Advisory for python3.7 (USN-4333-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4333-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005397.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3.7'\n package(s) announced via the USN-4333-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that Python incorrectly stripped certain characters from\nrequests. A remote attacker could use this issue to perform CRLF injection.\n(CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP requests.\nAn attacker could possibly use this issue to cause a denial of service.\n(CVE-2020-8492)\");\n\n script_tag(name:\"affected\", value:\"'python3.7' package(s) on Ubuntu 19.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.7\", ver:\"3.7.5-2~19.10ubuntu1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.7-minimal\", ver:\"3.7.5-2~19.10ubuntu1\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.17-1~18.04ubuntu1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.17-1~18.04ubuntu1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.6\", ver:\"3.6.9-1~18.04ubuntu1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.6-minimal\", ver:\"3.6.9-1~18.04ubuntu1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python2.7\", ver:\"2.7.12-1ubuntu0~16.04.11\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python2.7-minimal\", ver:\"2.7.12-1ubuntu0~16.04.11\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.5\", ver:\"3.5.2-2ubuntu0~16.04.10\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.5-minimal\", ver:\"3.5.2-2ubuntu0~16.04.10\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "naslFamily": "Ubuntu Local Security Checks"}

{"cve": [{"lastseen": "2020-12-09T21:41:48", "description": "An issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in the host component of a URL) followed by an HTTP header. This is similar to the CVE-2019-9740 query string issue and the CVE-2019-9947 path string issue. (This is not exploitable when glibc has CVE-2016-10739 fixed.). This is fixed in: v2.7.18, v2.7.18rc1; v3.5.10, v3.5.10rc1; v3.6.11, v3.6.11rc1, v3.6.12; v3.7.8, v3.7.8rc1, v3.7.9; v3.8.3, v3.8.3rc1, v3.8.4, v3.8.4rc1, v3.8.5, v3.8.6, v3.8.6rc1.", "edition": 21, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "baseScore": 6.1, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 2.7}, "published": "2019-10-23T17:15:00", "title": "CVE-2019-18348", "type": "cve", "cwe": ["CWE-74"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-18348"], "modified": "2020-11-16T20:46:00", "cpe": ["cpe:/a:python:python:2.7.17"], "id": "CVE-2019-18348", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-18348", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:python:python:2.7.17:*:*:*:*:*:*:*"]}, {"lastseen": "2020-12-09T22:03:18", "description": "Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.", "edition": 18, "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 6.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-01-30T19:15:00", "title": "CVE-2020-8492", "type": "cve", "cwe": ["CWE-400"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.1, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-8492"], "modified": "2020-07-15T12:15:00", "cpe": ["cpe:/a:python:python:3.5.9", "cpe:/a:python:python:3.6.10", "cpe:/o:opensuse:leap:15.1", "cpe:/a:python:python:3.7.6", "cpe:/a:python:python:2.7.17", "cpe:/a:python:python:3.8.1"], "id": "CVE-2020-8492", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8492", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}, "cpe23": ["cpe:2.3:a:python:python:3.6.10:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.5.9:*:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:2.7.17:*:*:*:*:*:*:*", "cpe:2.3:a:python:python:3.8.1:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-02T11:37:24", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "USN-4333-1 fixed vulnerabilities in Python. This update provides \nthe corresponding update for Ubuntu 20.04 LTS.\n\nOriginal advisory details:\n\nIt was discovered that Python incorrectly stripped certain characters from \nrequests. A remote attacker could use this issue to perform CRLF injection. \n(CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP requests. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2020-8492)", "edition": 2, "modified": "2020-04-30T00:00:00", "published": "2020-04-30T00:00:00", "id": "USN-4333-2", "href": "https://ubuntu.com/security/notices/USN-4333-2", "title": "Python vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-02T11:40:15", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "It was discovered that Python incorrectly stripped certain characters from \nrequests. A remote attacker could use this issue to perform CRLF injection. \n(CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP requests. \nAn attacker could possibly use this issue to cause a denial of service. \n(CVE-2020-8492)", "edition": 2, "modified": "2020-04-21T00:00:00", "published": "2020-04-21T00:00:00", "id": "USN-4333-1", "href": "https://ubuntu.com/security/notices/USN-4333-1", "title": "Python vulnerabilities", "type": "ubuntu", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2020-07-20T11:25:18", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "\nPython reports:\n\nThe AbstractBasicAuthHandler class of the urllib.request module uses an inefficient\n\t regular expression which can be exploited by an attacker to cause a denial of service.\n\t Fix the regex to prevent the catastrophic backtracking. Vulnerability reported by Ben\n\t Caller and Matt Schwager.\nDisallow control characters in hostnames in http.client, addressing CVE-2019-18348.\n\t Such potentially malicious header injection URLs now cause a InvalidURL to be raised.\nDisallow CR or LF in email.headerregistry.Address arguments to guard against header\n\t injection attacks.\n\n", "edition": 2, "modified": "2019-10-24T00:00:00", "published": "2019-10-24T00:00:00", "id": "33C05D57-BF6E-11EA-BA1E-0800273F78D3", "href": "https://vuxml.freebsd.org/freebsd/33c05d57-bf6e-11ea-ba1e-0800273f78d3.html", "title": "Python -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-09-20T14:41:37", "bulletinFamily": "unix", "cvelist": ["CVE-2019-20907", "CVE-2020-15523", "CVE-2019-18348", "CVE-2020-14422", "CVE-2020-8492"], "description": "\nPython reports:\n\nbpo-39603: Prevent http header injection by rejecting control characters in http.client.putrequest(\u00e2\u0080\u00a6).\nbpo-29778: Ensure python3.dll is loaded from correct locations when Python is embedded (CVE-2020-15523).\nbpo-41004: CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).\nbpo-39073: Disallow CR or LF in email.headerregistry.Address arguments to guard against header injection attacks.\nbpo-38576: Disallow control characters in hostnames in http.client, addressing CVE-2019-18348. Such potentially malicious header injection URLs now cause a InvalidURL to be raised.\nbpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression which can be exploited by an attacker to cause a denial of service. Fix the regex to prevent the catastrophic backtracking. Vulnerability reported by Ben Caller and Matt Schwager.\nbpo-38945: Newline characters have been escaped when performing uu encoding to prevent them from overflowing into to content section of the encoded file. This prevents malicious or accidental modification of data during the decoding process.\nbpo-38804: Fixes a ReDoS vulnerability in http.cookiejar. Patch by Ben Caller.\nbpo-39017: Avoid infinite loop when reading specially crafted TAR files using the tarfile module (CVE-2019-20907).\nbpo-41183: Use 3072 RSA keys and SHA-256 signature for test certs and keys.\nbpo-39503: AbstractBasicAuthHandler of urllib.request now parses all WWW-Authenticate HTTP headers and accepts multiple challenges per header: use the realm of the first Basic challenge.\n\n", "edition": 1, "modified": "2020-08-19T00:00:00", "published": "2020-08-19T00:00:00", "id": "2CB21232-FB32-11EA-A929-A4BF014BF5F7", "href": "https://vuxml.freebsd.org/freebsd/2cb21232-fb32-11ea-a929-a4bf014bf5f7.html", "title": "Python -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-13T17:22:33", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "\nBen Caller and Matt Schwager reports:\n\nPython 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7\n\t through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct\n\t Regular Expression Denial of Service (ReDoS) attacks against a client\n\t because of urllib.request.AbstractBasicAuthHandler catastrophic\n\t backtracking.\n\n", "edition": 4, "modified": "2020-06-13T00:00:00", "published": "2019-11-17T00:00:00", "id": "A27B0BB6-84FC-11EA-B5B4-641C67A117D8", "href": "https://vuxml.freebsd.org/freebsd/a27b0bb6-84fc-11ea-b5b4-641c67a117d8.html", "title": "Python -- Regular Expression DoS attack against client", "type": "freebsd", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-13T17:22:32", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348"], "description": "\nPython reports:\n\nAn issue was discovered in urllib2 in Python 2.x through 2.7.17 and urllib in Python 3.x\n\t through 3.8.0. CRLF injection is possible if the attacker controls a url parameter, as\n\t demonstrated by the first argument to urllib.request.urlopen with \\r\\n (specifically in\n\t the host component of a URL) followed by an HTTP header.\n\n", "edition": 4, "modified": "2020-06-13T00:00:00", "published": "2019-10-24T00:00:00", "id": "CA595A25-91D8-11EA-B470-080027846A02", "href": "https://vuxml.freebsd.org/freebsd/ca595a25-91d8-11ea-b470-080027846a02.html", "title": "Python -- CRLF injection via the host part of the url passed to urlopen()", "type": "freebsd", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "fedora": [{"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. ", "modified": "2020-07-04T01:14:28", "published": "2020-07-04T01:14:28", "id": "FEDORA:EC30530A4CD0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: python36-3.6.11-1.fc32", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "Python 3.6 package for developers. This package exists to allow developers to test their code against an older version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.6, see other distributions that support it, such as CentOS or RHEL with Software Collections or older Fedora releases. ", "modified": "2020-07-10T01:02:15", "published": "2020-07-10T01:02:15", "id": "FEDORA:1523A318B2F7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: python36-3.6.11-1.fc31", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "Python is an accessible, high-level, dynamically typed, interpreted program ming language, designed with an emphasis on code readability. It includes an extensive standard library, and has a vast ecosystem of third-party libraries. The python3 package provides the \"python3\" executable: the reference interpreter for the Python language, version 3. The majority of its standard library is provided in the python3-libs packag e, which should be installed automatically along with python3. The remaining parts of the Python standard library are broken out into the python3-tkinter and python3-test packages, which may need to be installed separately. Documentation for Python is provided in the python3-docs package. Packages containing additional libraries for Python are generally named with the \"python3-\" prefix. ", "modified": "2020-05-26T03:14:58", "published": "2020-05-26T03:14:58", "id": "FEDORA:A7E596153F56", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: python3-3.8.3-1.fc32", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "Python 3.8 package for developers. This package exists to allow developers to test their code against a newer version of Python. This is not a full Python stack and if you wish to run your applications with Python 3.8, update your Fedora to a newer version once Python 3.8 is stable. ", "modified": "2020-05-29T02:27:10", "published": "2020-05-29T02:27:10", "id": "FEDORA:6C76E608E1F6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: python38-3.8.3-1.fc31", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "cloudfoundry": [{"lastseen": "2020-05-15T05:07:21", "bulletinFamily": "software", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "# \n\n## Severity\n\nMedium\n\n## Vendor\n\nCanonical Ubuntu\n\n## Versions Affected\n\n * Canonical Ubuntu 14.04\n * Canonical Ubuntu 16.04\n * Canonical Ubuntu 18.04\n\n## Description\n\nIt was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492)\n\nCVEs contained in this USN include: CVE-2019-18348, CVE-2020-8492.\n\n## Affected Cloud Foundry Products and Versions\n\n_Severity is medium unless otherwise noted._\n\n * cflinuxfs3 \n * All versions prior to 0.176.0\n * Xenial Stemcells \n * 170.x versions prior to 170.217\n * 250.x versions prior to 250.196\n * 315.x versions prior to 315.181\n * 456.x versions prior to 456.110\n * 621.x versions prior to 621.71\n * All other stemcells not listed.\n * CF Deployment \n * All versions prior to v13.0.0\n\n## Mitigation\n\nUsers of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:\n\n * cflinuxfs3 \n * Upgrade All versions to 0.176.0 or greater\n * Xenial Stemcells \n * Upgrade 170.x versions to 170.217 or greater\n * Upgrade 250.x versions to 250.196 or greater\n * Upgrade 315.x versions to 315.181 or greater\n * Upgrade 456.x versions to 456.110 or greater\n * Upgrade 621.x versions to 621.71 or greater\n * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>).\n * CF Deployment \n * Upgrade All versions to v13.0.0 or greater\n\n## References\n\n * [USN Notice](<https://usn.ubuntu.com/4333-1/>)\n * [CVE-2019-18348](<https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18348>)\n * [CVE-2020-8492](<https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8492>)\n\n## History\n\n2020-04-21: Initial vulnerability report published.\n", "edition": 1, "modified": "2020-05-14T00:00:00", "published": "2020-05-14T00:00:00", "id": "CFOUNDRY:322886B40F0FE55C516FF12037103125", "href": "https://www.cloudfoundry.org/blog/usn-4333-1/", "title": "USN-4333-1: Python vulnerabilities | Cloud Foundry", "type": "cloudfoundry", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2020-05-08T17:11:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "The remote host is missing an update for the ", "modified": "2020-05-07T00:00:00", "published": "2020-05-01T00:00:00", "id": "OPENVAS:1361412562310844416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844416", "type": "openvas", "title": "Ubuntu: Security Advisory for python3.8 (USN-4333-2)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844416\");\n script_version(\"2020-05-07T07:41:43+0000\");\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-07 07:41:43 +0000 (Thu, 07 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-01 03:00:44 +0000 (Fri, 01 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for python3.8 (USN-4333-2)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU20\\.04 LTS\");\n\n script_xref(name:\"USN\", value:\"4333-2\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-April/005416.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3.8'\n package(s) announced via the USN-4333-2 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"USN-4333-1 fixed vulnerabilities in Python. This update provides\nthe corresponding update for Ubuntu 20.04 LTS.\n\nOriginal advisory details:\n\nIt was discovered that Python incorrectly stripped certain characters from\nrequests. A remote attacker could use this issue to perform CRLF injection.\n(CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP requests.\nAn attacker could possibly use this issue to cause a denial of service.\n(CVE-2020-8492)\");\n\n script_tag(name:\"affected\", value:\"'python3.8' package(s) on Ubuntu 20.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.8\", ver:\"3.8.2-1ubuntu1.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(!isnull(res = isdpkgvuln(pkg:\"python3.8-minimal\", ver:\"3.8.2-1ubuntu1.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-07-21T19:49:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "description": "The remote host is missing an update for the ", "modified": "2020-07-09T00:00:00", "published": "2020-07-04T00:00:00", "id": "OPENVAS:1361412562310878038", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310878038", "type": "openvas", "title": "Fedora: Security Advisory for python36 (FEDORA-2020-8bdd3fd7a4)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.878038\");\n script_version(\"2020-07-09T12:15:58+0000\");\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-09 12:15:58 +0000 (Thu, 09 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-04 03:21:08 +0000 (Sat, 04 Jul 2020)\");\n script_name(\"Fedora: Security Advisory for python36 (FEDORA-2020-8bdd3fd7a4)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-8bdd3fd7a4\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UESGYI5XDAHJBATEZN3MHNDUBDH47AS6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python36'\n package(s) announced via the FEDORA-2020-8bdd3fd7a4 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 3.6 package for developers.\n\nThis package exists to allow developers to test their code against an older\nversion of Python. This is not a full Python stack and if you wish to run\nyour applications with Python 3.6, see other distributions\nthat support it, such as CentOS or RHEL with Software Collections\nor older Fedora releases.\");\n\n script_tag(name:\"affected\", value:\"'python36' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python36\", rpm:\"python36~3.6.11~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-03T15:39:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310877872", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877872", "type": "openvas", "title": "Fedora: Security Advisory for python3 (FEDORA-2020-98e0f0f11b)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877872\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:28:52 +0000 (Fri, 29 May 2020)\");\n script_name(\"Fedora: Security Advisory for python3 (FEDORA-2020-98e0f0f11b)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-98e0f0f11b\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APGWEMYZIY5VHLCSZ3HD67PA5Z2UQFGH\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python3'\n package(s) announced via the FEDORA-2020-98e0f0f11b advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python is an accessible, high-level, dynamically typed, interpreted programming\nlanguage, designed with an emphasis on code readability.\nIt includes an extensive standard library, and has a vast ecosystem of\nthird-party libraries.\n\nThe python3 package provides the 'python3' executable: the reference\ninterpreter for the Python language, version 3.\nThe majority of its standard library is provided in the python3-libs package,\nwhich should be installed automatically along with python3.\nThe remaining parts of the Python standard library are broken out into the\npython3-tkinter and python3-test packages, which may need to be installed\nseparately.\n\nDocumentation for Python is provided in the python3-docs package.\n\nPackages containing additional libraries for Python are generally named with\nthe 'python3-' prefix.\");\n\n script_tag(name:\"affected\", value:\"'python3' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.8.3~1.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-11T16:58:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "Python is prone to a Regular Expresson Denial of Service (ReDoS) vulnerability.", "modified": "2020-03-10T00:00:00", "published": "2020-02-17T00:00:00", "id": "OPENVAS:1361412562310113637", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113637", "type": "openvas", "title": "Python 2.7.x <= 2.7.17, 3.5 <= 3.5.9, 3.6.x <= 3.6.10, 3.7.x <= 3.7.6, 3.8.x <= 3.8.1 Regular Expression Denial of Service (ReDoS) Vulnerability (Linux)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113637\");\n script_version(\"2020-03-10T07:36:36+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-10 07:36:36 +0000 (Tue, 10 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-17 14:07:49 +0000 (Mon, 17 Feb 2020)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"NoneAvailable\");\n\n script_cve_id(\"CVE-2020-8492\");\n\n script_name(\"Python 2.7.x <= 2.7.17, 3.5 <= 3.5.9, 3.6.x <= 3.6.10, 3.7.x <= 3.7.6, 3.8.x <= 3.8.1 Regular Expression Denial of Service (ReDoS) Vulnerability (Linux)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_python_detect_lin.nasl\");\n script_mandatory_keys(\"python/linux/detected\");\n\n script_tag(name:\"summary\", value:\"Python is prone to a Regular Expresson Denial of Service (ReDoS) vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression (catastrophic backtracking)\n which can be exploited by an attacker to cause a denial of service.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the application.\");\n\n script_tag(name:\"affected\", value:\"Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1\");\n\n script_tag(name:\"solution\", value:\"No known solution is available as of 17th February, 2020. Information regarding this issue will be updated once solution details are available.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.python.org/issue39503\");\n script_xref(name:\"URL\", value:\"https://python-security.readthedocs.io/vuln/urllib-basic-auth-Nregex.html\");\n\n\n exit(0);\n}\n\nCPE = \"cpe:/a:python:python\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_in_range( version: version, test_version: \"2.7.0\", test_version2: \"2.7.17\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.5.0\", test_version2: \"3.5.9\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.6.0\", test_version2: \"3.6.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.7.0\", test_version2: \"3.7.6\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.8.0\", test_version2: \"3.8.1\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-11T16:58:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "Python is prone to a Regular Expresson Denial of Service (ReDoS) vulnerability.", "modified": "2020-03-10T00:00:00", "published": "2020-02-17T00:00:00", "id": "OPENVAS:1361412562310113638", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113638", "type": "openvas", "title": "Python 2.7.x <= 2.7.17, 3.5 <= 3.5.9, 3.6.x <= 3.6.10, 3.7.x <= 3.7.6, 3.8.x <= 3.8.1 Regular Expression Denial of Service (ReDoS) Vulnerability (Windows)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113638\");\n script_version(\"2020-03-10T07:36:36+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-10 07:36:36 +0000 (Tue, 10 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-17 14:37:49 +0000 (Mon, 17 Feb 2020)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n\n script_tag(name:\"solution_type\", value:\"NoneAvailable\");\n\n script_cve_id(\"CVE-2020-8492\");\n\n script_name(\"Python 2.7.x <= 2.7.17, 3.5 <= 3.5.9, 3.6.x <= 3.6.10, 3.7.x <= 3.7.6, 3.8.x <= 3.8.1 Regular Expression Denial of Service (ReDoS) Vulnerability (Windows)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_python_detect_win.nasl\");\n script_mandatory_keys(\"python/win/detected\");\n\n script_tag(name:\"summary\", value:\"Python is prone to a Regular Expresson Denial of Service (ReDoS) vulnerability.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"The AbstractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression (catastrophic backtracking) which can be exploited by an attacker to cause a denial of service.\");\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the application.\");\n script_tag(name:\"affected\", value:\"Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1\");\n script_tag(name:\"solution\", value:\"No known solution is available as of 17th February, 2020. Information regarding this issue will be updated once solution details are available.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.python.org/issue39503\");\n script_xref(name:\"URL\", value:\"https://python-security.readthedocs.io/vuln/urllib-basic-auth-Nregex.html\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:python:python\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_in_range( version: version, test_version: \"2.7.0\", test_version2: \"2.7.17\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.5.0\", test_version2: \"3.5.9\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.6.0\", test_version2: \"3.6.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.7.0\", test_version2: \"3.7.6\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.8.0\", test_version2: \"3.8.1\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-24T16:55:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-24T00:00:00", "published": "2020-03-24T00:00:00", "id": "OPENVAS:1361412562311220201321", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201321", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-1321)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1321\");\n script_version(\"2020-03-24T07:31:57+0000\");\n script_cve_id(\"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-24 07:31:57 +0000 (Tue, 24 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-24 07:31:57 +0000 (Tue, 24 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python (EulerOS-SA-2020-1321)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1321\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1321\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python' package(s) announced via the EulerOS-SA-2020-1321 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\");\n\n script_tag(name:\"affected\", value:\"'python' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python\", rpm:\"python~2.7.5~69.h29.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-devel\", rpm:\"python-devel~2.7.5~69.h29.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-libs\", rpm:\"python-libs~2.7.5~69.h29.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tkinter\", rpm:\"tkinter~2.7.5~69.h29.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-11T16:58:24", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "Python is prone to a Regular Expresson Denial of Service (ReDoS) vulnerability.", "modified": "2020-03-10T00:00:00", "published": "2020-02-17T00:00:00", "id": "OPENVAS:1361412562310113639", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113639", "type": "openvas", "title": "Python 2.7.x <= 2.7.17, 3.5 <= 3.5.9, 3.6.x <= 3.6.10, 3.7.x <= 3.7.6, 3.8.x <= 3.8.1 Regular Expression Denial of Service (ReDoS) Vulnerability (MAC OS X)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113639\");\n script_version(\"2020-03-10T07:36:36+0000\");\n script_tag(name:\"last_modification\", value:\"2020-03-10 07:36:36 +0000 (Tue, 10 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-02-17 14:07:49 +0000 (Mon, 17 Feb 2020)\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n\n script_tag(name:\"solution_type\", value:\"NoneAvailable\");\n\n script_cve_id(\"CVE-2020-8492\");\n\n script_name(\"Python 2.7.x <= 2.7.17, 3.5 <= 3.5.9, 3.6.x <= 3.6.10, 3.7.x <= 3.7.6, 3.8.x <= 3.8.1 Regular Expression Denial of Service (ReDoS) Vulnerability (MAC OS X)\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_python_detect_macosx.nasl\");\n script_mandatory_keys(\"python/macosx/detected\");\n\n script_tag(name:\"summary\", value:\"Python is prone to a Regular Expresson Denial of Service (ReDoS) vulnerability.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The AbtractBasicAuthHandler class of the urllib.request module uses an inefficient regular expression (catastrophic backtracking)\n which can be exploited by an attacker to cause a denial of service.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to crash the application.\");\n\n script_tag(name:\"affected\", value:\"Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1\");\n\n script_tag(name:\"solution\", value:\"No known solution is available as of 17th February, 2020. Information regarding this issue will be updated once solution details are available.\");\n\n script_xref(name:\"URL\", value:\"https://bugs.python.org/issue39503\");\n script_xref(name:\"URL\", value:\"https://python-security.readthedocs.io/vuln/urllib-basic-auth-Nregex.html\");\n\n\n exit(0);\n}\n\nCPE = \"cpe:/a:python:python\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_in_range( version: version, test_version: \"2.7.0\", test_version2: \"2.7.17\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.5.0\", test_version2: \"3.5.9\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.6.0\", test_version2: \"3.6.10\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.7.0\", test_version2: \"3.7.6\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nif( version_in_range( version: version, test_version: \"3.8.0\", test_version2: \"3.8.1\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"None\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n\n", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-24T16:50:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-23T00:00:00", "published": "2020-03-23T00:00:00", "id": "OPENVAS:1361412562311220201296", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201296", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-1296)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1296\");\n script_version(\"2020-03-23T07:40:13+0000\");\n script_cve_id(\"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-23 07:40:13 +0000 (Mon, 23 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-23 07:40:13 +0000 (Mon, 23 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python3 (EulerOS-SA-2020-1296)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1296\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1296\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python3' package(s) announced via the EulerOS-SA-2020-1296 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\");\n\n script_tag(name:\"affected\", value:\"'python3' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3\", rpm:\"python3~3.7.0~9.h18.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-devel\", rpm:\"python3-devel~3.7.0~9.h18.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-libs\", rpm:\"python3-libs~3.7.0~9.h18.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-test\", rpm:\"python3-test~3.7.0~9.h18.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-03T15:37:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-8492"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310877895", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877895", "type": "openvas", "title": "Fedora: Security Advisory for python38 (FEDORA-2020-6a88dad4a0)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877895\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:29:23 +0000 (Fri, 29 May 2020)\");\n script_name(\"Fedora: Security Advisory for python38 (FEDORA-2020-6a88dad4a0)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2020-6a88dad4a0\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7WOKDEXLYW5UQ4S7PA7E37IITOC7C56J\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'python38'\n package(s) announced via the FEDORA-2020-6a88dad4a0 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Python 3.8 package for developers.\n\nThis package exists to allow developers to test their code against a newer\nversion of Python. This is not a full Python stack and if you wish to run\nyour applications with Python 3.8, update your Fedora to a newer\nversion once Python 3.8 is stable.\");\n\n script_tag(name:\"affected\", value:\"'python38' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python38\", rpm:\"python38~3.8.3~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-24T16:53:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2017-18207", "CVE-2020-8492"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-03-23T00:00:00", "published": "2020-03-23T00:00:00", "id": "OPENVAS:1361412562311220201295", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201295", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2020-1295)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1295\");\n script_version(\"2020-03-23T07:40:11+0000\");\n script_cve_id(\"CVE-2017-18207\", \"CVE-2020-8492\");\n script_tag(name:\"cvss_base\", value:\"7.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-23 07:40:11 +0000 (Mon, 23 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-03-23 07:40:11 +0000 (Mon, 23 Mar 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for python2 (EulerOS-SA-2020-1295)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1295\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1295\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'python2' package(s) announced via the EulerOS-SA-2020-1295 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"** DISPUTED ** The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file. NOTE: the vendor disputes this issue because Python applications 'need to be prepared to handle a wide variety of exceptions.'(CVE-2017-18207)\n\nPython 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.(CVE-2020-8492)\");\n\n script_tag(name:\"affected\", value:\"'python2' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python-unversioned-command\", rpm:\"python-unversioned-command~2.7.15~10.h21.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2\", rpm:\"python2~2.7.15~10.h21.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-devel\", rpm:\"python2-devel~2.7.15~10.h21.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-libs\", rpm:\"python2-libs~2.7.15~10.h21.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python2-test\", rpm:\"python2-test~2.7.15~10.h21.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2020-07-22T02:06:17", "description": "Python reports :\n\nThe AbstractBasicAuthHandler class of the urllib.request module uses\nan inefficient regular expression which can be exploited by an\nattacker to cause a denial of service. Fix the regex to prevent the\ncatastrophic backtracking. Vulnerability reported by Ben Caller and\nMatt Schwager.\n\nDisallow control characters in hostnames in http.client, addressing\nCVE-2019-18348. Such potentially malicious header injection URLs now\ncause a InvalidURL to be raised.\n\nDisallow CR or LF in email.headerregistry.Address arguments to guard\nagainst header injection attacks.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-07-06T00:00:00", "title": "FreeBSD : Python -- multiple vulnerabilities (33c05d57-bf6e-11ea-ba1e-0800273f78d3)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "modified": "2020-07-06T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:python37"], "id": "FREEBSD_PKG_33C05D57BF6E11EABA1E0800273F78D3.NASL", "href": "https://www.tenable.com/plugins/nessus/138125", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138125);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/21\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n\n script_name(english:\"FreeBSD : Python -- multiple vulnerabilities (33c05d57-bf6e-11ea-ba1e-0800273f78d3)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Python reports :\n\nThe AbstractBasicAuthHandler class of the urllib.request module uses\nan inefficient regular expression which can be exploited by an\nattacker to cause a denial of service. Fix the regex to prevent the\ncatastrophic backtracking. Vulnerability reported by Ben Caller and\nMatt Schwager.\n\nDisallow control characters in hostnames in http.client, addressing\nCVE-2019-18348. Such potentially malicious header injection URLs now\ncause a InvalidURL to be raised.\n\nDisallow CR or LF in email.headerregistry.Address arguments to guard\nagainst header injection attacks.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://docs.python.org/3.7/whatsnew/changelog.html#changelog\"\n );\n # https://vuxml.freebsd.org/freebsd/33c05d57-bf6e-11ea-ba1e-0800273f78d3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?00a7ad2a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"python37<3.7.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-18T11:04:25", "description": "USN-4333-1 fixed vulnerabilities in Python. This update provides the\ncorresponding update for Ubuntu 20.04 LTS.\n\nIt was discovered that Python incorrectly stripped certain characters\nfrom requests. A remote attacker could use this issue to perform CRLF\ninjection. (CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP\nrequests. An attacker could possibly use this issue to cause a denial\nof service. (CVE-2020-8492).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-05-01T00:00:00", "title": "Ubuntu 20.04 : Python vulnerabilities (USN-4333-2)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "modified": "2020-05-01T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04", "p-cpe:/a:canonical:ubuntu_linux:python3.8", "p-cpe:/a:canonical:ubuntu_linux:python3.8-minimal"], "id": "UBUNTU_USN-4333-2.NASL", "href": "https://www.tenable.com/plugins/nessus/136281", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4333-2. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136281);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_xref(name:\"USN\", value:\"4333-2\");\n\n script_name(english:\"Ubuntu 20.04 : Python vulnerabilities (USN-4333-2)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"USN-4333-1 fixed vulnerabilities in Python. This update provides the\ncorresponding update for Ubuntu 20.04 LTS.\n\nIt was discovered that Python incorrectly stripped certain characters\nfrom requests. A remote attacker could use this issue to perform CRLF\ninjection. (CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP\nrequests. An attacker could possibly use this issue to cause a denial\nof service. (CVE-2020-8492).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4333-2/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python3.8 and / or python3.8-minimal packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.8-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(20\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 20.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"20.04\", pkgname:\"python3.8\", pkgver:\"3.8.2-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"20.04\", pkgname:\"python3.8-minimal\", pkgver:\"3.8.2-1ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3.8 / python3.8-minimal\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-14T14:37:19", "description": "# Python 3.6.11\n\nPython 3.6.11 is the latest security fix release of Python 3.6.\n\n - bpo-39073: Disallow CR or LF in\n email.headerregistry.Address arguments to guard against\n header injection attacks.\n\n - bpo-38576: Disallow control characters in hostnames in\n http.client, addressing CVE-2019-18348. Such potentially\n malicious header injection URLs now cause a InvalidURL\n to be raised.\n\n - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler\n class of the urllib.request module uses an inefficient\n regular expression which can be exploited by an attacker\n to cause a denial of service. Fix the regex to prevent\n the catastrophic backtracking. Vulnerability reported by\n Ben Caller and Matt Schwager.\n\nAlso fix a regression with\n`distutils.sysconfig.get_config_var('LIBPL')` value in Fedora specific\npatches.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-07-06T00:00:00", "title": "Fedora 32 : python36 (2020-8bdd3fd7a4)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "modified": "2020-07-06T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python36", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-8BDD3FD7A4.NASL", "href": "https://www.tenable.com/plugins/nessus/138114", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-8bdd3fd7a4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138114);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/08\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_xref(name:\"FEDORA\", value:\"2020-8bdd3fd7a4\");\n\n script_name(english:\"Fedora 32 : python36 (2020-8bdd3fd7a4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"# Python 3.6.11\n\nPython 3.6.11 is the latest security fix release of Python 3.6.\n\n - bpo-39073: Disallow CR or LF in\n email.headerregistry.Address arguments to guard against\n header injection attacks.\n\n - bpo-38576: Disallow control characters in hostnames in\n http.client, addressing CVE-2019-18348. Such potentially\n malicious header injection URLs now cause a InvalidURL\n to be raised.\n\n - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler\n class of the urllib.request module uses an inefficient\n regular expression which can be exploited by an attacker\n to cause a denial of service. Fix the regex to prevent\n the catastrophic backtracking. Vulnerability reported by\n Ben Caller and Matt Schwager.\n\nAlso fix a regression with\n`distutils.sysconfig.get_config_var('LIBPL')` value in Fedora specific\npatches.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-8bdd3fd7a4\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python36 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"python36-3.6.11-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-14T14:39:36", "description": "# Python 3.6.11\n\nPython 3.6.11 is the latest security fix release of Python 3.6.\n\n - bpo-39073: Disallow CR or LF in\n email.headerregistry.Address arguments to guard against\n header injection attacks.\n\n - bpo-38576: Disallow control characters in hostnames in\n http.client, addressing CVE-2019-18348. Such potentially\n malicious header injection URLs now cause a InvalidURL\n to be raised.\n\n - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler\n class of the urllib.request module uses an inefficient\n regular expression which can be exploited by an attacker\n to cause a denial of service. Fix the regex to prevent\n the catastrophic backtracking. Vulnerability reported by\n Ben Caller and Matt Schwager.\n\nAlso fix a regression with\n`distutils.sysconfig.get_config_var('LIBPL')` value in Fedora specific\npatches.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-07-10T00:00:00", "title": "Fedora 31 : python36 (2020-ea5bdbcc90)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "modified": "2020-07-10T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:python36", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-EA5BDBCC90.NASL", "href": "https://www.tenable.com/plugins/nessus/138368", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-ea5bdbcc90.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138368);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/14\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_xref(name:\"FEDORA\", value:\"2020-ea5bdbcc90\");\n\n script_name(english:\"Fedora 31 : python36 (2020-ea5bdbcc90)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"# Python 3.6.11\n\nPython 3.6.11 is the latest security fix release of Python 3.6.\n\n - bpo-39073: Disallow CR or LF in\n email.headerregistry.Address arguments to guard against\n header injection attacks.\n\n - bpo-38576: Disallow control characters in hostnames in\n http.client, addressing CVE-2019-18348. Such potentially\n malicious header injection URLs now cause a InvalidURL\n to be raised.\n\n - bpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler\n class of the urllib.request module uses an inefficient\n regular expression which can be exploited by an attacker\n to cause a denial of service. Fix the regex to prevent\n the catastrophic backtracking. Vulnerability reported by\n Ben Caller and Matt Schwager.\n\nAlso fix a regression with\n`distutils.sysconfig.get_config_var('LIBPL')` value in Fedora specific\npatches.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-ea5bdbcc90\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected python36 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"python36-3.6.11-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-07-04T00:54:12", "description": "An update of the python3 package has been released.", "edition": 2, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-29T00:00:00", "title": "Photon OS 1.0: Python3 PHSA-2020-1.0-0304", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "modified": "2020-06-29T00:00:00", "cpe": ["cpe:/o:vmware:photonos:1.0", "p-cpe:/a:vmware:photonos:python3"], "id": "PHOTONOS_PHSA-2020-1_0-0304_PYTHON3.NASL", "href": "https://www.tenable.com/plugins/nessus/137877", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-1.0-0304. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137877);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/07/03\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n\n script_name(english:\"Photon OS 1.0: Python3 PHSA-2020-1.0-0304\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the python3 package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-304.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"python3-3.5.6-14.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"python3-devel-3.5.6-14.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"python3-libs-3.5.6-14.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", cpu:\"x86_64\", reference:\"python3-tools-3.5.6-14.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-09-18T11:04:25", "description": "It was discovered that Python incorrectly stripped certain characters\nfrom requests. A remote attacker could use this issue to perform CRLF\ninjection. (CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP\nrequests. An attacker could possibly use this issue to cause a denial\nof service. (CVE-2020-8492).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-04-22T00:00:00", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : Python vulnerabilities (USN-4333-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2020-8492"], "modified": "2020-04-22T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:python3.4-minimal", "p-cpe:/a:canonical:ubuntu_linux:python3.4", "p-cpe:/a:canonical:ubuntu_linux:python3.5-minimal", "p-cpe:/a:canonical:ubuntu_linux:python3.6-minimal", "cpe:/o:canonical:ubuntu_linux:16.04", "p-cpe:/a:canonical:ubuntu_linux:python3.6", "p-cpe:/a:canonical:ubuntu_linux:python3.5", "p-cpe:/a:canonical:ubuntu_linux:python2.7", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:python3.7", "p-cpe:/a:canonical:ubuntu_linux:python3.7-minimal", "cpe:/o:canonical:ubuntu_linux:19.10", "p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-4333-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135894", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4333-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135894);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2020-8492\");\n script_xref(name:\"USN\", value:\"4333-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : Python vulnerabilities (USN-4333-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that Python incorrectly stripped certain characters\nfrom requests. A remote attacker could use this issue to perform CRLF\ninjection. (CVE-2019-18348)\n\nIt was discovered that Python incorrectly handled certain HTTP\nrequests. An attacker could possibly use this issue to cause a denial\nof service. (CVE-2020-8492).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4333-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python2.7-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.4-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.5-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.6-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:python3.7-minimal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|18\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 18.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python2.7\", pkgver:\"2.7.12-1ubuntu0~16.04.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.12-1ubuntu0~16.04.11\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python3.5\", pkgver:\"3.5.2-2ubuntu0~16.04.10\")) flag++;\nif (ubuntu_check(osver:\"16.04\", pkgname:\"python3.5-minimal\", pkgver:\"3.5.2-2ubuntu0~16.04.10\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python2.7\", pkgver:\"2.7.17-1~18.04ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python2.7-minimal\", pkgver:\"2.7.17-1~18.04ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python3.6\", pkgver:\"3.6.9-1~18.04ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"python3.6-minimal\", pkgver:\"3.6.9-1~18.04ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"python3.7\", pkgver:\"3.7.5-2~19.10ubuntu1\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"python3.7-minimal\", pkgver:\"3.7.5-2~19.10ubuntu1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python2.7 / python2.7-minimal / python3.4 / python3.4-minimal / etc\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-14T06:26:49", "description": "This update for python3 fixes the following issue :\n\nCVE-2019-18348: Fixed a CRLF injection via the host part of the url\npassed to urlopen(). Now an InvalidURL exception is raised\n(bsc#1155094).\n\nCVE-2019-9674: Improved the documentation to reflect the dangers of\nzip-bombs (bsc#1162825).\n\nCVE-2020-8492: Fixed a regular expression in urllib that was prone to\ndenial of service via HTTP (bsc#1162367).\n\nFixed an issue with version missmatch (bsc#1162224).\n\nRename idle icons to idle3 in order to not conflict with python2\nvariant of the package. (bsc#1165894)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-04-03T00:00:00", "title": "SUSE SLES12 Security Update : python3 (SUSE-SU-2020:0854-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2019-9674", "CVE-2020-8492"], "modified": "2020-04-03T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpython3_4m1_0", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:python3-base-debugsource", "p-cpe:/a:novell:suse_linux:python3-debugsource", "p-cpe:/a:novell:suse_linux:python3", "p-cpe:/a:novell:suse_linux:python3-base-debuginfo", "p-cpe:/a:novell:suse_linux:python3-devel-debuginfo", "p-cpe:/a:novell:suse_linux:libpython3_4m1_0-debuginfo", "p-cpe:/a:novell:suse_linux:python3-curses", "p-cpe:/a:novell:suse_linux:python3-curses-debuginfo", "p-cpe:/a:novell:suse_linux:python3-devel", "p-cpe:/a:novell:suse_linux:python3-tk", "p-cpe:/a:novell:suse_linux:python3-base", "p-cpe:/a:novell:suse_linux:python3-tk-debuginfo", "p-cpe:/a:novell:suse_linux:python3-debuginfo"], "id": "SUSE_SU-2020-0854-1.NASL", "href": "https://www.tenable.com/plugins/nessus/135197", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:0854-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(135197);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2019-9674\", \"CVE-2020-8492\");\n\n script_name(english:\"SUSE SLES12 Security Update : python3 (SUSE-SU-2020:0854-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for python3 fixes the following issue :\n\nCVE-2019-18348: Fixed a CRLF injection via the host part of the url\npassed to urlopen(). Now an InvalidURL exception is raised\n(bsc#1155094).\n\nCVE-2019-9674: Improved the documentation to reflect the dangers of\nzip-bombs (bsc#1162825).\n\nCVE-2020-8492: Fixed a regular expression in urllib that was prone to\ndenial of service via HTTP (bsc#1162367).\n\nFixed an issue with version missmatch (bsc#1162224).\n\nRename idle icons to idle3 in order to not conflict with python2\nvariant of the package. (bsc#1165894)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18348/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9674/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8492/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20200854-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bbd7794f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2020-854=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2020-854=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2020-854=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2020-854=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2020-854=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2020-854=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2020-854=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2020-854=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2020-854=1\n\nSUSE Linux Enterprise Module for Web Scripting 12:zypper in -t patch\nSUSE-SLE-Module-Web-Scripting-12-2020-854=1\n\nSUSE Enterprise Storage 5:zypper in -t patch SUSE-Storage-5-2020-854=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2020-854=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython3_4m1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython3_4m1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-base-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-curses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python3-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0|1|2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0/1/2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpython3_4m1_0-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpython3_4m1_0-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-base-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-base-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-base-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-curses-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-curses-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-devel-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python3-devel-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpython3_4m1_0-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpython3_4m1_0-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-base-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-base-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-base-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-curses-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-curses-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python3-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libpython3_4m1_0-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"libpython3_4m1_0-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-base-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-base-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-base-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-curses-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"python3-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpython3_4m1_0-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpython3_4m1_0-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-base-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-base-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-base-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-curses-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-curses-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-devel-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python3-devel-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpython3_4m1_0-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpython3_4m1_0-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-base-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-base-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-base-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-curses-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-curses-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-devel-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python3-devel-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython3_4m1_0-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython3_4m1_0-32bit-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython3_4m1_0-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython3_4m1_0-debuginfo-32bit-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-base-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-base-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-base-debuginfo-32bit-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-base-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-curses-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-curses-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-debuginfo-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-debugsource-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-tk-3.4.10-25.45.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python3-tk-debuginfo-3.4.10-25.45.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-14T06:27:41", "description": "This update for python to version 2.7.17 fixes the following issues :\n\nSyncing with lots of upstream bug fixes and security fixes.\n\nBug fixes :\n\nCVE-2019-9674: Improved the documentation to reflect the dangers of\nzip-bombs (bsc#1162825).\n\nCVE-2019-18348: Fixed a CRLF injection via the host part of the url\npassed to urlopen(). Now an InvalidURL exception is raised\n(bsc#1155094).\n\nCVE-2020-8492: Fixed a regular expression in urllib that was prone to\ndenial of service via HTTP (bsc#1162367).\n\nFixed mismatches between libpython and python-base versions\n(bsc#1162224).\n\nFixed segfault in libpython2.7.so.1 (bsc#1073748).\n\nUnified packages among openSUSE:Factory and SLE versions\n(bsc#1159035).\n\nAdded idle.desktop and idle.appdata.xml to provide IDLE in menus\n(bsc#1153830).\n\nExcluded tsl_check files from python-base to prevent file conflict\nwith python-strict-tls-checks package (bsc#945401).\n\nChanged the name of idle3 icons to idle3.png to avoid collision with\nPython 2 version (bsc#1165894).\n\nAdditionally a new 'shared-python-startup' package is provided\ncontaining startup files.\n\npython-rpm-macros was updated to fix :\n\nDo not write .pyc files for tests (bsc#1171561)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 6.1, "vector": "AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}, "published": "2020-06-18T00:00:00", "title": "SUSE SLES12 Security Update : python (SUSE-SU-2020:1524-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2019-9674", "CVE-2020-8492"], "modified": "2020-06-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpython2_7", "cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:python-base-debugsource", "p-cpe:/a:novell:suse_linux:python-gdbm", "p-cpe:/a:novell:suse_linux:python", "p-cpe:/a:novell:suse_linux:python-xml-debuginfo", "p-cpe:/a:novell:suse_linux:python-devel", "p-cpe:/a:novell:suse_linux:python-curses-debuginfo", "p-cpe:/a:novell:suse_linux:python-base", "p-cpe:/a:novell:suse_linux:libpython2_7-1_0", "p-cpe:/a:novell:suse_linux:python-tk", "p-cpe:/a:novell:suse_linux:python-base-debuginfo", "p-cpe:/a:novell:suse_linux:python-demo", "p-cpe:/a:novell:suse_linux:python-curses", "p-cpe:/a:novell:suse_linux:python-debuginfo", "p-cpe:/a:novell:suse_linux:python-tk-debuginfo", "p-cpe:/a:novell:suse_linux:libpython2_7-1_0-debuginfo", "p-cpe:/a:novell:suse_linux:python-gdbm-debuginfo", "p-cpe:/a:novell:suse_linux:python-debugsource", "p-cpe:/a:novell:suse_linux:python-xml", "p-cpe:/a:novell:suse_linux:python-idle"], "id": "SUSE_SU-2020-1524-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137580", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1524-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137580);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2019-9674\", \"CVE-2020-8492\");\n\n script_name(english:\"SUSE SLES12 Security Update : python (SUSE-SU-2020:1524-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for python to version 2.7.17 fixes the following issues :\n\nSyncing with lots of upstream bug fixes and security fixes.\n\nBug fixes :\n\nCVE-2019-9674: Improved the documentation to reflect the dangers of\nzip-bombs (bsc#1162825).\n\nCVE-2019-18348: Fixed a CRLF injection via the host part of the url\npassed to urlopen(). Now an InvalidURL exception is raised\n(bsc#1155094).\n\nCVE-2020-8492: Fixed a regular expression in urllib that was prone to\ndenial of service via HTTP (bsc#1162367).\n\nFixed mismatches between libpython and python-base versions\n(bsc#1162224).\n\nFixed segfault in libpython2.7.so.1 (bsc#1073748).\n\nUnified packages among openSUSE:Factory and SLE versions\n(bsc#1159035).\n\nAdded idle.desktop and idle.appdata.xml to provide IDLE in menus\n(bsc#1153830).\n\nExcluded tsl_check files from python-base to prevent file conflict\nwith python-strict-tls-checks package (bsc#945401).\n\nChanged the name of idle3 icons to idle3.png to avoid collision with\nPython 2 version (bsc#1165894).\n\nAdditionally a new 'shared-python-startup' package is provided\ncontaining startup files.\n\npython-rpm-macros was updated to fix :\n\nDo not write .pyc files for tests (bsc#1171561)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1027282\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1041090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1042670\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073269\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1073748\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078326\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1078485\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1081750\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1084650\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1086001\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1149792\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153830\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1159035\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162224\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162825\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165894\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1170411\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171561\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=945401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18348/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-9674/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8492/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201524-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0962fb1f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-Crowbar-8-2020-1524=1\n\nSUSE OpenStack Cloud 8 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-8-2020-1524=1\n\nSUSE OpenStack Cloud 7 :\n\nzypper in -t patch SUSE-OpenStack-Cloud-7-2020-1524=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP5 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP5-2020-1524=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4 :\n\nzypper in -t patch SUSE-SLE-WE-12-SP4-2020-1524=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1524=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1524=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP3-2020-1524=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP2-2020-1524=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1 :\n\nzypper in -t patch SUSE-SLE-SAP-12-SP1-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2020-1524=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP1-2020-1524=1\n\nSUSE Enterprise Storage 5 :\n\nzypper in -t patch SUSE-Storage-5-2020-1524=1\n\nHPE Helion Openstack 8 :\n\nzypper in -t patch HPE-Helion-OpenStack-8-2020-1524=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18348\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython2_7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython2_7-1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython2_7-1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-base-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-curses\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-curses-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-demo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-gdbm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-gdbm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-idle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-xml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python-xml-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpython2_7-1_0-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpython2_7-1_0-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpython2_7-1_0-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-base-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-base-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-base-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-base-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-base-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-curses-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-curses-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-demo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-devel-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-gdbm-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-gdbm-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-idle-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-tk-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-tk-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-xml-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"python-xml-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpython2_7-1_0-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpython2_7-1_0-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpython2_7-1_0-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-base-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-base-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-base-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-base-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-base-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-curses-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-curses-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-demo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-devel-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-gdbm-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-gdbm-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-idle-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-tk-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-tk-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-xml-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"python-xml-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpython2_7-1_0-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpython2_7-1_0-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpython2_7-1_0-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-base-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-base-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-base-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-base-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-base-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-curses-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-curses-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-demo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-devel-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-gdbm-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-gdbm-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-idle-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-tk-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-tk-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-xml-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"python-xml-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpython2_7-1_0-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpython2_7-1_0-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpython2_7-1_0-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-base-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-base-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-base-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-base-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-base-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-curses-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-curses-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-demo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-devel-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-gdbm-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-gdbm-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-idle-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-tk-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-tk-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-xml-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"python-xml-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython2_7-1_0-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython2_7-1_0-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython2_7-1_0-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython2_7-1_0-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-base-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-base-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-base-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-base-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-base-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-curses-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-curses-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-debuginfo-32bit-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-debugsource-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-demo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-devel-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-gdbm-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-gdbm-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-idle-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-tk-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-tk-debuginfo-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-xml-2.7.17-28.42.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python-xml-debuginfo-2.7.17-28.42.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python\");\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-23T06:46:47", "description": "This update for python36 fixes the following issues :\n\nCVE-2019-18348: Fixed a CRLF injection via the host part of the url\npassed to urlopen() (bsc#1155094)\n\nCVE-2019-20916: Fixed a directory traversal in _download_http_url()\n(bsc#1176262).\n\nCVE-2020-27619: Fixed an issue where the CJK codec tests call eval()\non content retrieved via HTTP (bsc#1178009).\n\nCVE-2020-8492: Fixed a regular expression in urrlib that was prone to\ndenial of service via HTTP (bsc#1162367).\n\nWorking-around missing python-packaging dependency in python-Sphinx is\nnot necessary anymore (bsc#1174571).\n\nBuild of python3 documentation is not independent on the version of\nSphinx(bsc#1179630).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 2, "cvss3": {"score": 9.8, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-12-18T00:00:00", "title": "SUSE SLES12 Security Update : python36 (SUSE-SU-2020:3865-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-18348", "CVE-2019-20916", "CVE-2020-27619", "CVE-2020-8492"], "modified": "2020-12-18T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:libpython3_6m1_0-debuginfo", "p-cpe:/a:novell:suse_linux:python36-base-debuginfo", "p-cpe:/a:novell:suse_linux:python36", "p-cpe:/a:novell:suse_linux:libpython3_6m1_0", "p-cpe:/a:novell:suse_linux:python36-debuginfo", "p-cpe:/a:novell:suse_linux:python36-base", "p-cpe:/a:novell:suse_linux:python36-debugsource"], "id": "SUSE_SU-2020-3865-1.NASL", "href": "https://www.tenable.com/plugins/nessus/144443", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3865-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(144443);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/22\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2019-20916\", \"CVE-2020-27619\", \"CVE-2020-8492\");\n\n script_name(english:\"SUSE SLES12 Security Update : python36 (SUSE-SU-2020:3865-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for python36 fixes the following issues :\n\nCVE-2019-18348: Fixed a CRLF injection via the host part of the url\npassed to urlopen() (bsc#1155094)\n\nCVE-2019-20916: Fixed a directory traversal in _download_http_url()\n(bsc#1176262).\n\nCVE-2020-27619: Fixed an issue where the CJK codec tests call eval()\non content retrieved via HTTP (bsc#1178009).\n\nCVE-2020-8492: Fixed a regular expression in urrlib that was prone to\ndenial of service via HTTP (bsc#1162367).\n\nWorking-around missing python-packaging dependency in python-Sphinx is\nnot necessary anymore (bsc#1174571).\n\nBuild of python3 documentation is not independent on the version of\nSphinx(bsc#1179630).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1155094\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1162367\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1174571\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1176262\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178009\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1179630\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18348/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-20916/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-27619/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8492/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203865-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6eeb8d39\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3865=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython3_6m1_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpython3_6m1_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python36-base\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python36-base-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python36-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:python36-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/12/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython3_6m1_0-3.6.12-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpython3_6m1_0-debuginfo-3.6.12-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python36-3.6.12-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python36-base-3.6.12-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python36-base-debuginfo-3.6.12-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python36-debuginfo-3.6.12-4.25.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"python36-debugsource-3.6.12-4.25.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python36\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-10-01T06:30:56", "description": "Python reports :\n\nbpo-39603: Prevent http header injection by rejecting control\ncharacters in http.client.putrequest(...).\n\nbpo-29778: Ensure python3.dll is loaded from correct locations when\nPython is embedded (CVE-2020-15523).\n\nbpo-41004: CVE-2020-14422: The __hash__() methods of\nipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly\ngenerated constant hash values of 32 and 128 respectively. This\nresulted in always causing hash collisions. The fix uses hash() to\ngenerate hash values for the tuple of (address, mask length, network\naddress).\n\nbpo-39073: Disallow CR or LF in email.headerregistry.Address arguments\nto guard against header injection attacks.\n\nbpo-38576: Disallow control characters in hostnames in http.client,\naddressing CVE-2019-18348. Such potentially malicious header injection\nURLs now cause a InvalidURL to be raised.\n\nbpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the\nurllib.request module uses an inefficient regular expression which can\nbe exploited by an attacker to cause a denial of service. Fix the\nregex to prevent the catastrophic backtracking. Vulnerability reported\nby Ben Caller and Matt Schwager.\n\nbpo-38945: Newline characters have been escaped when performing uu\nencoding to prevent them from overflowing into to content section of\nthe encoded file. This prevents malicious or accidental modification\nof data during the decoding process.\n\nbpo-38804: Fixes a ReDoS vulnerability in http.cookiejar. Patch by Ben\nCaller.\n\nbpo-39017: Avoid infinite loop when reading specially crafted TAR\nfiles using the tarfile module (CVE-2019-20907).\n\nbpo-41183: Use 3072 RSA keys and SHA-256 signature for test certs and\nkeys.\n\nbpo-39503: AbstractBasicAuthHandler of urllib.request now parses all\nWWW-Authenticate HTTP headers and accepts multiple challenges per\nheader: use the realm of the first Basic challenge.", "edition": 3, "cvss3": {"score": 7.8, "vector": "AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-09-21T00:00:00", "title": "FreeBSD : Python -- multiple vulnerabilities (2cb21232-fb32-11ea-a929-a4bf014bf5f7)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-20907", "CVE-2020-15523", "CVE-2019-18348", "CVE-2020-14422", "CVE-2020-8492"], "modified": "2020-09-21T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:python35", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_2CB21232FB3211EAA929A4BF014BF5F7.NASL", "href": "https://www.tenable.com/plugins/nessus/140678", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140678);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/30\");\n\n script_cve_id(\"CVE-2019-18348\", \"CVE-2019-20907\", \"CVE-2020-14422\", \"CVE-2020-15523\", \"CVE-2020-8492\");\n script_xref(name:\"IAVA\", value:\"2020-A-0340\");\n\n script_name(english:\"FreeBSD : Python -- multiple vulnerabilities (2cb21232-fb32-11ea-a929-a4bf014bf5f7)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Python reports :\n\nbpo-39603: Prevent http header injection by rejecting control\ncharacters in http.client.putrequest(...).\n\nbpo-29778: Ensure python3.dll is loaded from correct locations when\nPython is embedded (CVE-2020-15523).\n\nbpo-41004: CVE-2020-14422: The __hash__() methods of\nipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly\ngenerated constant hash values of 32 and 128 respectively. This\nresulted in always causing hash collisions. The fix uses hash() to\ngenerate hash values for the tuple of (address, mask length, network\naddress).\n\nbpo-39073: Disallow CR or LF in email.headerregistry.Address arguments\nto guard against header injection attacks.\n\nbpo-38576: Disallow control characters in hostnames in http.client,\naddressing CVE-2019-18348. Such potentially malicious header injection\nURLs now cause a InvalidURL to be raised.\n\nbpo-39503: CVE-2020-8492: The AbstractBasicAuthHandler class of the\nurllib.request module uses an inefficient regular expression which can\nbe exploited by an attacker to cause a denial of service. Fix the\nregex to prevent the catastrophic backtracking. Vulnerability reported\nby Ben Caller and Matt Schwager.\n\nbpo-38945: Newline characters have been escaped when performing uu\nencoding to prevent them from overflowing into to content section of\nthe encoded file. This prevents malicious or accidental modification\nof data during the decoding process.\n\nbpo-38804: Fixes a ReDoS vulnerability in http.cookiejar. Patch by Ben\nCaller.\n\nbpo-39017: Avoid infinite loop when reading specially crafted TAR\nfiles using the tarfile module (CVE-2019-20907).\n\nbpo-41183: Use 3072 RSA keys and SHA-256 signature for test certs and\nkeys.\n\nbpo-39503: AbstractBasicAuthHandler of urllib.request now parses all\nWWW-Authenticate HTTP headers and accepts multiple challenges per\nheader: use the realm of the first Basic challenge.\"\n );\n # https://vuxml.freebsd.org/freebsd/2cb21232-fb32-11ea-a929-a4bf014bf5f7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5609d352\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-15523\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:python35\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/21\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"python35<3.5.10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2020-05-15T03:08:34", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "### Background\n\nPython is an interpreted, interactive, object-oriented programming language. \n\n### Description\n\nAn issue was discovered in urllib.request.AbstractBasicAuthHandler which allowed a remote attacker to send malicious data causing extensive regular expression backtracking. \n\n### Impact\n\nAn attacker could cause a possible Denial of Service condition.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Python 2.7 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-2.7.18:2.7\"\n \n\nAll Python 3.6 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-3.6.10-r2:3.6\"\n \n\nAll Python 3.7 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-3.7.7-r2:3.7\"\n \n\nAll Python 3.8 users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-lang/python-3.8.2-r2:3.8\"", "edition": 1, "modified": "2020-05-14T00:00:00", "published": "2020-05-14T00:00:00", "id": "GLSA-202005-09", "href": "https://security.gentoo.org/glsa/202005-09", "title": "Python: Denial of Service", "type": "gentoo", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2020-11-10T12:37:01", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "**Issue Overview:**\n\nPython 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. ([CVE-2020-8492 __](<https://access.redhat.com/security/cve/CVE-2020-8492>))\n\n \n**Affected Packages:** \n\n\npython27, python34, python35, python36\n\n \n**Issue Correction:** \nRun _yum update python27_ to update your system. \nRun _yum update python34_ to update your system. \nRun _yum update python35_ to update your system. \nRun _yum update python36_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n python27-test-2.7.18-1.138.amzn1.i686 \n python27-tools-2.7.18-1.138.amzn1.i686 \n python27-libs-2.7.18-1.138.amzn1.i686 \n python27-debuginfo-2.7.18-1.138.amzn1.i686 \n python27-2.7.18-1.138.amzn1.i686 \n python27-devel-2.7.18-1.138.amzn1.i686 \n python34-3.4.10-1.50.amzn1.i686 \n python34-debuginfo-3.4.10-1.50.amzn1.i686 \n python34-tools-3.4.10-1.50.amzn1.i686 \n python34-devel-3.4.10-1.50.amzn1.i686 \n python34-libs-3.4.10-1.50.amzn1.i686 \n python34-test-3.4.10-1.50.amzn1.i686 \n python35-tools-3.5.7-1.26.amzn1.i686 \n python35-devel-3.5.7-1.26.amzn1.i686 \n python35-libs-3.5.7-1.26.amzn1.i686 \n python35-test-3.5.7-1.26.amzn1.i686 \n python35-debuginfo-3.5.7-1.26.amzn1.i686 \n python35-3.5.7-1.26.amzn1.i686 \n python36-libs-3.6.11-1.17.amzn1.i686 \n python36-devel-3.6.11-1.17.amzn1.i686 \n python36-debuginfo-3.6.11-1.17.amzn1.i686 \n python36-tools-3.6.11-1.17.amzn1.i686 \n python36-debug-3.6.11-1.17.amzn1.i686 \n python36-test-3.6.11-1.17.amzn1.i686 \n python36-3.6.11-1.17.amzn1.i686 \n \n src: \n python27-2.7.18-1.138.amzn1.src \n python34-3.4.10-1.50.amzn1.src \n python35-3.5.7-1.26.amzn1.src \n python36-3.6.11-1.17.amzn1.src \n \n x86_64: \n python27-debuginfo-2.7.18-1.138.amzn1.x86_64 \n python27-test-2.7.18-1.138.amzn1.x86_64 \n python27-tools-2.7.18-1.138.amzn1.x86_64 \n python27-2.7.18-1.138.amzn1.x86_64 \n python27-devel-2.7.18-1.138.amzn1.x86_64 \n python27-libs-2.7.18-1.138.amzn1.x86_64 \n python34-debuginfo-3.4.10-1.50.amzn1.x86_64 \n python34-test-3.4.10-1.50.amzn1.x86_64 \n python34-devel-3.4.10-1.50.amzn1.x86_64 \n python34-3.4.10-1.50.amzn1.x86_64 \n python34-libs-3.4.10-1.50.amzn1.x86_64 \n python34-tools-3.4.10-1.50.amzn1.x86_64 \n python35-tools-3.5.7-1.26.amzn1.x86_64 \n python35-devel-3.5.7-1.26.amzn1.x86_64 \n python35-3.5.7-1.26.amzn1.x86_64 \n python35-debuginfo-3.5.7-1.26.amzn1.x86_64 \n python35-test-3.5.7-1.26.amzn1.x86_64 \n python35-libs-3.5.7-1.26.amzn1.x86_64 \n python36-test-3.6.11-1.17.amzn1.x86_64 \n python36-tools-3.6.11-1.17.amzn1.x86_64 \n python36-3.6.11-1.17.amzn1.x86_64 \n python36-debug-3.6.11-1.17.amzn1.x86_64 \n python36-devel-3.6.11-1.17.amzn1.x86_64 \n python36-debuginfo-3.6.11-1.17.amzn1.x86_64 \n python36-libs-3.6.11-1.17.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2020-07-27T23:54:00", "published": "2020-07-27T23:54:00", "id": "ALAS-2020-1407", "href": "https://alas.aws.amazon.com/ALAS-2020-1407.html", "title": "Medium: python27, python34, python35, python36", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T12:34:38", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "**Issue Overview:**\n\nPython 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. ([CVE-2020-8492 __](<https://access.redhat.com/security/cve/CVE-2020-8492>))\n\n \n**Affected Packages:** \n\n\npython26\n\n \n**Issue Correction:** \nRun _yum update python26_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n python26-2.6.9-2.90.amzn1.i686 \n python26-debuginfo-2.6.9-2.90.amzn1.i686 \n python26-devel-2.6.9-2.90.amzn1.i686 \n python26-libs-2.6.9-2.90.amzn1.i686 \n python26-test-2.6.9-2.90.amzn1.i686 \n python26-tools-2.6.9-2.90.amzn1.i686 \n \n src: \n python26-2.6.9-2.90.amzn1.src \n \n x86_64: \n python26-debuginfo-2.6.9-2.90.amzn1.x86_64 \n python26-devel-2.6.9-2.90.amzn1.x86_64 \n python26-test-2.6.9-2.90.amzn1.x86_64 \n python26-2.6.9-2.90.amzn1.x86_64 \n python26-tools-2.6.9-2.90.amzn1.x86_64 \n python26-libs-2.6.9-2.90.amzn1.x86_64 \n \n \n", "edition": 3, "modified": "2020-07-27T23:54:00", "published": "2020-07-27T23:54:00", "id": "ALAS-2020-1406", "href": "https://alas.aws.amazon.com/ALAS-2020-1406.html", "title": "Medium: python26", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T12:35:49", "bulletinFamily": "unix", "cvelist": ["CVE-2020-8492"], "description": "**Issue Overview:**\n\nPython 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. ([CVE-2020-8492 __](<https://access.redhat.com/security/cve/CVE-2020-8492>))\n\n \n**Affected Packages:** \n\n\npython, python3\n\n \n**Issue Correction:** \nRun _yum update python_ to update your system. \nRun _yum update python3_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n python-2.7.18-1.amzn2.0.1.aarch64 \n python-libs-2.7.18-1.amzn2.0.1.aarch64 \n python-devel-2.7.18-1.amzn2.0.1.aarch64 \n python-tools-2.7.18-1.amzn2.0.1.aarch64 \n tkinter-2.7.18-1.amzn2.0.1.aarch64 \n python-test-2.7.18-1.amzn2.0.1.aarch64 \n python-debug-2.7.18-1.amzn2.0.1.aarch64 \n python-debuginfo-2.7.18-1.amzn2.0.1.aarch64 \n python3-3.7.8-1.amzn2.0.1.aarch64 \n python3-libs-3.7.8-1.amzn2.0.1.aarch64 \n python3-devel-3.7.8-1.amzn2.0.1.aarch64 \n python3-tools-3.7.8-1.amzn2.0.1.aarch64 \n python3-tkinter-3.7.8-1.amzn2.0.1.aarch64 \n python3-test-3.7.8-1.amzn2.0.1.aarch64 \n python3-debug-3.7.8-1.amzn2.0.1.aarch64 \n python3-debuginfo-3.7.8-1.amzn2.0.1.aarch64 \n \n i686: \n python-2.7.18-1.amzn2.0.1.i686 \n python-libs-2.7.18-1.amzn2.0.1.i686 \n python-devel-2.7.18-1.amzn2.0.1.i686 \n python-tools-2.7.18-1.amzn2.0.1.i686 \n tkinter-2.7.18-1.amzn2.0.1.i686 \n python-test-2.7.18-1.amzn2.0.1.i686 \n python-debug-2.7.18-1.amzn2.0.1.i686 \n python-debuginfo-2.7.18-1.amzn2.0.1.i686 \n python3-3.7.8-1.amzn2.0.1.i686 \n python3-libs-3.7.8-1.amzn2.0.1.i686 \n python3-devel-3.7.8-1.amzn2.0.1.i686 \n python3-tools-3.7.8-1.amzn2.0.1.i686 \n python3-tkinter-3.7.8-1.amzn2.0.1.i686 \n python3-test-3.7.8-1.amzn2.0.1.i686 \n python3-debug-3.7.8-1.amzn2.0.1.i686 \n python3-debuginfo-3.7.8-1.amzn2.0.1.i686 \n \n src: \n python-2.7.18-1.amzn2.0.1.src \n python3-3.7.8-1.amzn2.0.1.src \n \n x86_64: \n python-2.7.18-1.amzn2.0.1.x86_64 \n python-libs-2.7.18-1.amzn2.0.1.x86_64 \n python-devel-2.7.18-1.amzn2.0.1.x86_64 \n python-tools-2.7.18-1.amzn2.0.1.x86_64 \n tkinter-2.7.18-1.amzn2.0.1.x86_64 \n python-test-2.7.18-1.amzn2.0.1.x86_64 \n python-debug-2.7.18-1.amzn2.0.1.x86_64 \n python-debuginfo-2.7.18-1.amzn2.0.1.x86_64 \n python3-3.7.8-1.amzn2.0.1.x86_64 \n python3-libs-3.7.8-1.amzn2.0.1.x86_64 \n python3-devel-3.7.8-1.amzn2.0.1.x86_64 \n python3-tools-3.7.8-1.amzn2.0.1.x86_64 \n python3-tkinter-3.7.8-1.amzn2.0.1.x86_64 \n python3-test-3.7.8-1.amzn2.0.1.x86_64 \n python3-debug-3.7.8-1.amzn2.0.1.x86_64 \n python3-debuginfo-3.7.8-1.amzn2.0.1.x86_64 \n \n \n", "edition": 1, "modified": "2020-07-31T19:22:00", "published": "2020-07-31T19:22:00", "id": "ALAS2-2020-1471", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1471.html", "title": "Medium: python, python3", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-10T12:36:08", "bulletinFamily": "unix", "cvelist": ["CVE-2018-20852", "CVE-2020-8492"], "description": "**Issue Overview:**\n\nhttp.cookiejar.DefaultPolicy.domain_return_ok in Lib/http/cookiejar.py in Python before 3.7.3 does not correctly validate the domain: it can be tricked into sending existing cookies to the wrong server. An attacker may abuse this flaw by using a server with a hostname that has another valid hostname as a suffix (e.g., pythonicexample.com to steal cookies for example.com). When a program uses http.cookiejar.DefaultPolicy and tries to do an HTTP connection to an attacker-controlled server, existing cookies can be leaked to the attacker. This affects 2.x through 2.7.16, 3.x before 3.4.10, 3.5.x before 3.5.7, 3.6.x before 3.6.9, and 3.7.x before 3.7.3.([CVE-2018-20852 __](<https://access.redhat.com/security/cve/CVE-2018-20852>))\n\nPython 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.([CVE-2020-8492 __](<https://access.redhat.com/security/cve/CVE-2020-8492>))\n\n \n**Affected Packages:** \n\n\npython\n\n \n**Issue Correction:** \nRun _yum update python_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n aarch64: \n python-2.7.18-1.amzn2.aarch64 \n python-libs-2.7.18-1.amzn2.aarch64 \n python-devel-2.7.18-1.amzn2.aarch64 \n python-tools-2.7.18-1.amzn2.aarch64 \n tkinter-2.7.18-1.amzn2.aarch64 \n python-test-2.7.18-1.amzn2.aarch64 \n python-debug-2.7.18-1.amzn2.aarch64 \n python-debuginfo-2.7.18-1.amzn2.aarch64 \n \n i686: \n python-2.7.18-1.amzn2.i686 \n python-libs-2.7.18-1.amzn2.i686 \n python-devel-2.7.18-1.amzn2.i686 \n python-tools-2.7.18-1.amzn2.i686 \n tkinter-2.7.18-1.amzn2.i686 \n python-test-2.7.18-1.amzn2.i686 \n python-debug-2.7.18-1.amzn2.i686 \n python-debuginfo-2.7.18-1.amzn2.i686 \n \n src: \n python-2.7.18-1.amzn2.src \n \n x86_64: \n python-2.7.18-1.amzn2.x86_64 \n python-libs-2.7.18-1.amzn2.x86_64 \n python-devel-2.7.18-1.amzn2.x86_64 \n python-tools-2.7.18-1.amzn2.x86_64 \n tkinter-2.7.18-1.amzn2.x86_64 \n python-test-2.7.18-1.amzn2.x86_64 \n python-debug-2.7.18-1.amzn2.x86_64 \n python-debuginfo-2.7.18-1.amzn2.x86_64 \n \n \n", "edition": 1, "modified": "2020-06-01T22:38:00", "published": "2020-06-01T22:38:00", "id": "ALAS2-2020-1432", "href": "https://alas.aws.amazon.com/AL2/ALAS-2020-1432.html", "title": "Medium: python", "type": "amazon", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2020-10-19T18:03:46", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2019-18348", "CVE-2019-20907", "CVE-2019-20916", "CVE-2020-14422", "CVE-2020-26116", "CVE-2020-8492"], "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nThe following packages have been upgraded to a later upstream version: rh-python36-python (3.6.12). (BZ#1873080)\n\nSecurity Fix(es):\n\n* python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935)\n\n* python: CRLF injection via the host part of the url passed to urlopen() (CVE-2019-18348)\n\n* python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)\n\n* python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916)\n\n* python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492)\n\n* python: DoS via inefficiency in IPv{4,6}Interface classes (CVE-2020-14422)\n\n* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* rh-python36-python-pip: Contains multiple bundled libraries, and has no bundled() provides (BZ#1774951)\n\n* Allow rh-python36-python-pip to use system CA certificate Trust (BZ#1826520)", "modified": "2020-10-19T21:55:05", "published": "2020-10-19T21:43:31", "id": "RHSA-2020:4285", "href": "https://access.redhat.com/errata/RHSA-2020:4285", "type": "redhat", "title": "(RHSA-2020:4285) Moderate: rh-python36 security, bug fix, and enhancement update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-10-07T18:05:24", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2020-8492"], "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935)\n\n* python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.", "modified": "2020-09-29T13:41:35", "published": "2020-09-29T11:40:56", "id": "RHSA-2020:3888", "href": "https://access.redhat.com/errata/RHSA-2020:3888", "type": "redhat", "title": "(RHSA-2020:3888) Moderate: python3 security update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-04T02:33:39", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2019-20907", "CVE-2020-14422", "CVE-2020-8492"], "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935)\n\n* python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)\n\n* python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492)\n\n* python: DoS via inefficiency in IPv{4,6}Interface classes (CVE-2020-14422)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "modified": "2020-11-04T05:03:56", "published": "2020-11-03T17:04:08", "id": "RHSA-2020:4433", "href": "https://access.redhat.com/errata/RHSA-2020:4433", "type": "redhat", "title": "(RHSA-2020:4433) Moderate: python3 security and bug fix update", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-10-20T16:12:00", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2019-20907", "CVE-2019-20916", "CVE-2020-26116"], "description": "Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems.\n\nThe following packages have been upgraded to a later upstream version: python27-python (2.7.18). (BZ#1882656)\n\nSecurity Fix(es):\n\n* python: CRLF injection via the host part of the url passed to urlopen() (CVE-2019-18348)\n\n* python: infinite loop in the tarfile module via crafted TAR archive (CVE-2019-20907)\n\n* python-pip: directory traversal in _download_http_url() function in src/pip/_internal/download.py (CVE-2019-20916)\n\n* python: CRLF injection via HTTP request method in httplib/http.client (CVE-2020-26116)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* python27-python-pip: Bundles own CA bundle instead of using system CA bundle (BZ#1882668)\n\n* python27-python-pip: Contains multiple bundled libraries, and has no bundled() provides (BZ#1882669)", "modified": "2020-10-20T19:51:23", "published": "2020-10-20T19:44:20", "id": "RHSA-2020:4273", "href": "https://access.redhat.com/errata/RHSA-2020:4273", "type": "redhat", "title": "(RHSA-2020:4273) Moderate: python27 security, bug fix, and enhancement update", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}], "suse": [{"lastseen": "2020-03-02T02:33:24", "bulletinFamily": "unix", "cvelist": ["CVE-2019-9674", "CVE-2020-8492"], "description": "This update for python3 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9674: Improved the documentation to reflect the dangers of\n zip-bombs (bsc#1162825).\n - CVE-2020-8492: Fixed a regular expression in urrlib that was prone to\n denial of service via HTTP (bsc#1162367).\n\n Non-security issue fixed:\n\n - If the locale is "C", coerce it to C.UTF-8 (bsc#1162423).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-03-02T00:12:08", "published": "2020-03-02T00:12:08", "id": "OPENSUSE-SU-2020:0274-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00003.html", "title": "Security update for python3 (moderate)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-05-23T03:10:35", "bulletinFamily": "unix", "cvelist": ["CVE-2019-18348", "CVE-2019-9674"], "description": "This update for python fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-18348: Fixed a CRLF injection via the host part of the url\n passed to urlopen(). Now an InvalidURL exception is raised (bsc#1155094).\n - CVE-2019-9674: Improved the documentation to reflect the dangers of\n zip-bombs (bsc#1162825).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2020-05-23T00:16:43", "published": "2020-05-23T00:16:43", "id": "OPENSUSE-SU-2020:0696-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00041.html", "title": "Security update for python (moderate)", "type": "suse", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2020-10-07T06:53:27", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2020-8492"], "description": "[3.6.8-17.0.1]\n- Add Oracle Linux distribution in platform.py [Orabug: 20812544]\n[3.6.8-17]\n- Overhaul pythons FIPS mode support\nResolves: rhbz#1788459\n[3.6.8-16]\n- Security fix for CVE-2020-8492\nResolves: rhbz#1810616\n[3.6.8-15]\n- Security fix for CVE-2019-16935\nResolves: rhbz#1797999\n[3.6.8-14]\n- Provide and obsolete the python36-tools subpackage for EPEL compatibility\nResolves: rhbz#1763730", "edition": 1, "modified": "2020-10-06T00:00:00", "published": "2020-10-06T00:00:00", "id": "ELSA-2020-3888", "href": "http://linux.oracle.com/errata/ELSA-2020-3888.html", "title": "python3 security update", "type": "oraclelinux", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-11-12T03:28:17", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2019-20907", "CVE-2020-14422", "CVE-2020-8492"], "description": "[3.6.8-31.0.1]\n- Add Oracle Linux distribution in platform.py [Orabug: 20812544]\n[3.6.8-31]\n- Avoid infinite loop when reading specially crafted TAR files (CVE-2019-20907)\nResolves: rhbz#1856481\n- Resolve hash collisions for Pv4Interface and IPv6Interface (CVE-2020-14422)\nResolves: rhbz#1854926\n[3.6.8-30]\n- Remove downstream 00178-dont-duplicate-flags-in-sysconfig.patch which\n introduced a bug on distutils.sysconfig.get_config_var('LIBPL')\n (rhbz#1851090).\n[3.6.8-29]\n- Fix python3-config --configdir (rhbz#1772992).\n[3.6.8-28]\n- Security fix for CVE-2020-8492\nResolves: rhbz#1810618\n[3.6.8-27]\n- Add a sentinel value on the Hmac_members table of the fips compliant hmac module\nResolves: rhbz#1800512\n[3.6.8-26]\n- Skip test_startup_imports from test_site if we have a .pth file in sys.path\nResolves: rhbz#1814392\n[3.6.8-25]\n- Security fix for CVE-2019-16935\nResolves: rhbz#1798001\n[3.6.8-24]\n- Build Python with -fno-semantic-interposition for better performance\n- https://fedoraproject.org/wiki/Changes/PythonNoSemanticInterpositionSpeedup\n- Also fix test_gdb failures with Link Time Optimizations\nResolves: rhbz#1724996", "edition": 1, "modified": "2020-11-10T00:00:00", "published": "2020-11-10T00:00:00", "id": "ELSA-2020-4433", "href": "http://linux.oracle.com/errata/ELSA-2020-4433.html", "title": "python3 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2020-10-20T23:11:31", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2020-8492"], "description": "**CentOS Errata and Security Advisory** CESA-2020:3888\n\n\nPython is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. \n\nSecurity Fix(es):\n\n* python: XSS vulnerability in the documentation XML-RPC server in server_title field (CVE-2019-16935)\n\n* python: wrong backtracking in urllib.request.AbstractBasicAuthHandler allows for a ReDoS (CVE-2020-8492)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.9 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2020-October/012810.html\n\n**Affected packages:**\npython3\npython3-debug\npython3-devel\npython3-idle\npython3-libs\npython3-test\npython3-tkinter\n\n**Upstream details at:**\n", "edition": 1, "modified": "2020-10-20T18:48:39", "published": "2020-10-20T18:48:39", "id": "CESA-2020:3888", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2020-October/012810.html", "title": "python3 security update", "type": "centos", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2020-08-12T01:00:53", "bulletinFamily": "unix", "cvelist": ["CVE-2019-16935", "CVE-2019-18348", "CVE-2019-9636", "CVE-2018-20406", "CVE-2019-16056", "CVE-2020-14422", "CVE-2018-20852", "CVE-2019-9740", "CVE-2019-9948", "CVE-2019-9947", "CVE-2019-5010", "CVE-2019-10160", "CVE-2020-8492", "CVE-2019-11340"], "description": "- -------------------------------------------------------------------------\nDebian LTS Advisory DLA-2280-1 debian-lts@lists.debian.org\nhttps://www.debian.org/lts/security/ \nJuly 15, 2020 https://wiki.debian.org/LTS\n- -------------------------------------------------------------------------\n\nPackage : python3.5\nVersion : 3.5.3-1+deb9u2\nCVE ID : CVE-2018-20406 CVE-2018-20852 CVE-2019-5010 CVE-2019-9636\n CVE-2019-9740 CVE-2019-9947 CVE-2019-9948 CVE-2019-10160\n CVE-2019-16056 CVE-2019-16935 CVE-2019-18348 CVE-2020-8492\n CVE-2020-14422\nDebian Bug : 924072 921064 940901\n\nMultiple security issues were discovered in Python, an interactive\nhigh-level object-oriented language.\n\nCVE-2018-20406\n\n Modules/_pickle.c has an integer overflow via a large LONG_BINPUT\n value that is mishandled during a "resize to twice the size"\n attempt. This issue might cause memory exhaustion, but is only\n relevant if the pickle format is used for serializing tens or\n hundreds of gigabytes of data.\n\nCVE-2018-20852\n\n http.cookiejar.DefaultPolicy.domain_return_ok in\n Lib/http/cookiejar.py does not correctly validate the domain: it\n can be tricked into sending existing cookies to the wrong\n server. An attacker may abuse this flaw by using a server with a\n hostname that has another valid hostname as a suffix (e.g.,\n pythonicexample.com to steal cookies for example.com). When a\n program uses http.cookiejar.DefaultPolicy and tries to do an HTTP\n connection to an attacker-controlled server, existing cookies can\n be leaked to the attacker.\n\nCVE-2019-5010\n\n An exploitable denial-of-service vulnerability exists in the X509\n certificate parser. A specially crafted X509 certificate can cause\n a NULL pointer dereference, resulting in a denial of service. An\n attacker can initiate or accept TLS connections using crafted\n certificates to trigger this vulnerability.\n\nCVE-2019-9636\n\n Improper Handling of Unicode Encoding (with an incorrect netloc)\n during NFKC normalization. The impact is: Information disclosure\n (credentials, cookies, etc. that are cached against a given\n hostname). The components are: urllib.parse.urlsplit,\n urllib.parse.urlparse. The attack vector is: A specially crafted\n URL could be incorrectly parsed to locate cookies or\n authentication data and send that information to a different host\n than when parsed correctly.\n\nCVE-2019-9740\n\n An issue was discovered in urllib2. CRLF injection is possible if\n the attacker controls a url parameter, as demonstrated by the\n first argument to urllib.request.urlopen with \\r\\n (specifically\n in the query string after a ? character) followed by an HTTP\n header or a Redis command.\n\nCVE-2019-9947\n\n An issue was discovered in urllib2. CRLF injection is possible if\n the attacker controls a url parameter, as demonstrated by the\n first argument to urllib.request.urlopen with \\r\\n (specifically\n in the path component of a URL that lacks a ? character) followed\n by an HTTP header or a Redis command. This is similar to the\n CVE-2019-9740 query string issue.\n\nCVE-2019-9948\n\n urllib supports the local_file: scheme, which makes it easier for\n remote attackers to bypass protection mechanisms that blacklist\n file: URIs, as demonstrated by triggering a\n urllib.urlopen('local_file:///etc/passwd') call.\n\nCVE-2019-10160\n\n A security regression was discovered in python, which still allows\n an attacker to exploit CVE-2019-9636 by abusing the user and\n password parts of a URL. When an application parses user-supplied\n URLs to store cookies, authentication credentials, or other kind\n of information, it is possible for an attacker to provide\n specially crafted URLs to make the application locate host-related\n information (e.g. cookies, authentication data) and send them to a\n different host than where it should, unlike if the URLs had been\n correctly parsed. The result of an attack may vary based on the\n application.\n\nCVE-2019-16056\n\n The email module wrongly parses email addresses that contain\n multiple @ characters. An application that uses the email module\n and implements some kind of checks on the From/To headers of a\n message could be tricked into accepting an email address that\n should be denied. An attack may be the same as in CVE-2019-11340;\n however, this CVE applies to Python more generally.\n\nCVE-2019-16935\n\n The documentation XML-RPC server has XSS via the server_title\n field. This occurs in Lib/xmlrpc/server.py. If set_server_title is\n called with untrusted input, arbitrary JavaScript can be delivered\n to clients that visit the http URL for this server.\n\nCVE-2019-18348\n\n An issue was discovered in urllib2. CRLF injection is possible if\n the attacker controls a url parameter, as demonstrated by the\n first argument to urllib.request.urlopen with \\r\\n (specifically\n in the host component of a URL) followed by an HTTP header. This\n is similar to the CVE-2019-9740 query string issue and the\n CVE-2019-9947 path string issue\n\nCVE-2020-8492\n\n Python allows an HTTP server to conduct Regular Expression Denial\n of Service (ReDoS) attacks against a client because of\n urllib.request.AbstractBasicAuthHandler catastrophic backtracking.\n\nCVE-2020-14422\n\n Lib/ipaddress.py improperly computes hash values in the\n IPv4Interface and IPv6Interface classes, which might allow a\n remote attacker to cause a denial of service if an application is\n affected by the performance of a dictionary containing\n IPv4Interface or IPv6Interface objects, and this attacker can\n cause many dictionary entries to be created.\n\nFor Debian 9 stretch, these problems have been fixed in version\n3.5.3-1+deb9u2.\n\nWe recommend that you upgrade your python3.5 packages.\n\nFor the detailed security status of python3.5 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/python3.5\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "edition": 3, "modified": "2020-07-15T10:01:04", "published": "2020-07-15T10:01:04", "id": "DEBIAN:DLA-2280-1:96280", "href": "https://lists.debian.org/debian-lts-announce/2020/debian-lts-announce-202007/msg00011.html", "title": "[SECURITY] [DLA 2280-1] python3.5 security update", "type": "debian", "cvss": {"score": 7.1, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:C"}}]}