ID OPENVAS:1361412562310862575 Type openvas Reporter Copyright (c) 2010 Greenbone Networks GmbH Modified 2018-01-23T00:00:00
Description
Check for the Version of bristol
###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for bristol FEDORA-2010-16714
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
include("revisions-lib.inc");
tag_affected = "bristol on Fedora 14";
tag_insight = "Bristol is an emulation package for a number of different 'classic'
synthesizers including additive and subtractive and a few organs.
The application consists of the engine, which is called bristol,
and its own GUI library called brighton that represents all the emulations.";
tag_solution = "Please Install the Updated Packages.";
if(description)
{
script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050784.html");
script_oid("1.3.6.1.4.1.25623.1.0.862575");
script_version("$Revision: 8495 $");
script_tag(name:"last_modification", value:"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $");
script_tag(name:"creation_date", value:"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)");
script_tag(name:"cvss_base", value:"6.9");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
script_xref(name: "FEDORA", value: "2010-16714");
script_cve_id("CVE-2010-3351");
script_name("Fedora Update for bristol FEDORA-2010-16714");
script_tag(name: "summary" , value: "Check for the Version of bristol");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
script_family("Fedora Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("pkg-lib-rpm.inc");
release = get_kb_item("ssh/login/release");
res = "";
if(release == NULL){
exit(0);
}
if(release == "FC14")
{
if ((res = isrpmvuln(pkg:"bristol", rpm:"bristol~0.40.7~7.fc14", rls:"FC14")) != NULL)
{
security_message(data:res);
exit(0);
}
if (__pkg_match) exit(99); # Not vulnerable.
exit(0);
}
{"id": "OPENVAS:1361412562310862575", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for bristol FEDORA-2010-16714", "description": "Check for the Version of bristol", "published": "2010-12-02T00:00:00", "modified": "2018-01-23T00:00:00", "cvss": {"vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/", "score": 6.9}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862575", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["2010-16714", "http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050784.html"], "cvelist": ["CVE-2010-3351"], "lastseen": "2018-01-23T13:05:26", "viewCount": 0, "enchantments": {"score": {"value": 5.8, "vector": "NONE", "modified": "2018-01-23T13:05:26", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-3351"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310862553", "OPENVAS:1361412562310862550", "OPENVAS:862550", "OPENVAS:862553", "OPENVAS:862575"]}, {"type": "nessus", "idList": ["FEDORA_2010-16687.NASL", "FEDORA_2010-16714.NASL", "FEDORA_2010-16676.NASL"]}], "modified": "2018-01-23T13:05:26", "rev": 2}, "vulnersScore": 5.8}, "pluginID": "1361412562310862575", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bristol FEDORA-2010-16714\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bristol on Fedora 14\";\ntag_insight = \"Bristol is an emulation package for a number of different 'classic'\n synthesizers including additive and subtractive and a few organs.\n The application consists of the engine, which is called bristol,\n and its own GUI library called brighton that represents all the emulations.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050784.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862575\");\n script_version(\"$Revision: 8495 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-23 08:57:49 +0100 (Tue, 23 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16714\");\n script_cve_id(\"CVE-2010-3351\");\n script_name(\"Fedora Update for bristol FEDORA-2010-16714\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bristol\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bristol\", rpm:\"bristol~0.40.7~7.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "naslFamily": "Fedora Local Security Checks", "immutableFields": []}
{"cve": [{"lastseen": "2021-04-21T20:54:22", "description": "startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory.", "edition": 5, "cvss3": {}, "published": "2010-10-20T18:00:00", "title": "CVE-2010-3351", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-3351"], "modified": "2011-09-15T03:16:00", "cpe": ["cpe:/a:nick_copeland:bristol:0.50.3", "cpe:/a:nick_copeland:bristol:0.50.7", "cpe:/a:nick_copeland:bristol:0.9.6-121", "cpe:/a:nick_copeland:bristol:0.20.4", "cpe:/a:nick_copeland:bristol:0.20.9", "cpe:/a:nick_copeland:bristol:0.20.3", "cpe:/a:nick_copeland:bristol:0.40.4", "cpe:/a:nick_copeland:bristol:0.9.5-19", "cpe:/a:nick_copeland:bristol:0.9.4-57", "cpe:/a:nick_copeland:bristol:0.10.11", "cpe:/a:nick_copeland:bristol:0.9.6-212", "cpe:/a:nick_copeland:bristol:0.30.5", "cpe:/a:nick_copeland:bristol:0.9.5-13", "cpe:/a:nick_copeland:bristol:0.30.4", "cpe:/a:nick_copeland:bristol:0.10.4", "cpe:/a:nick_copeland:bristol:0.30.2", "cpe:/a:nick_copeland:bristol:0.10.1", "cpe:/a:nick_copeland:bristol:0.40.3", "cpe:/a:nick_copeland:bristol:0.9.5-48", "cpe:/a:nick_copeland:bristol:0.60.4", "cpe:/a:nick_copeland:bristol:0.20.5", "cpe:/a:nick_copeland:bristol:0.40.7", "cpe:/a:nick_copeland:bristol:0.10.3", "cpe:/a:nick_copeland:bristol:0.30.8", "cpe:/a:nick_copeland:bristol:0.9.5-89", "cpe:/a:nick_copeland:bristol:0.10.8", "cpe:/a:nick_copeland:bristol:0.30.6", "cpe:/a:nick_copeland:bristol:0.9.6-113", "cpe:/a:nick_copeland:bristol:0.30.7", "cpe:/a:nick_copeland:bristol:0.20.7", "cpe:/a:nick_copeland:bristol:0.30.9", "cpe:/a:nick_copeland:bristol:0.9.5-60", "cpe:/a:nick_copeland:bristol:0.9.6-169", "cpe:/a:nick_copeland:bristol:0.60.6", "cpe:/a:nick_copeland:bristol:0.9.4-1", "cpe:/a:nick_copeland:bristol:0.10.10", "cpe:/a:nick_copeland:bristol:0.60.1", "cpe:/a:nick_copeland:bristol:0.10.5", "cpe:/a:nick_copeland:bristol:0.60.7", "cpe:/a:nick_copeland:bristol:0.30.3", "cpe:/a:nick_copeland:bristol:0.9.5-37", "cpe:/a:nick_copeland:bristol:0.10.6", "cpe:/a:nick_copeland:bristol:0.10.13", "cpe:/a:nick_copeland:bristol:0.20.6", "cpe:/a:nick_copeland:bristol:0.20.8", "cpe:/a:nick_copeland:bristol:0.9.3", "cpe:/a:nick_copeland:bristol:0.10.7", "cpe:/a:nick_copeland:bristol:0.60.3", "cpe:/a:nick_copeland:bristol:0.60.2", "cpe:/a:nick_copeland:bristol:0.50.5", "cpe:/a:nick_copeland:bristol:0.20.10", "cpe:/a:nick_copeland:bristol:0.20.2", "cpe:/a:nick_copeland:bristol:0.10.2", "cpe:/a:nick_copeland:bristol:0.40.8", "cpe:/a:nick_copeland:bristol:0.60.5", "cpe:/a:nick_copeland:bristol:0.60.0", "cpe:/a:nick_copeland:bristol:0.50.8", "cpe:/a:nick_copeland:bristol:0.9.5-66", "cpe:/a:nick_copeland:bristol:0.30.1", "cpe:/a:nick_copeland:bristol:0.9.6-150", "cpe:/a:nick_copeland:bristol:0.40.6", "cpe:/a:nick_copeland:bristol:0.20.1", "cpe:/a:nick_copeland:bristol:0.10.9", "cpe:/a:nick_copeland:bristol:0.50.6", "cpe:/a:nick_copeland:bristol:0.10.12", "cpe:/a:nick_copeland:bristol:0.50.2", "cpe:/a:nick_copeland:bristol:0.40.5"], "id": "CVE-2010-3351", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3351", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:nick_copeland:bristol:0.20.8:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.40.4:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.6:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.11:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.50.2:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.13:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.4:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.12:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.6-212:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.6:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.6-169:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.50.6:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.5:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.2:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.50.7:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-89:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.10:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-37:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.4:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.5:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.2:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.50.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.1:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.6-150:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.7:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.4:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.1:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.1:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.2:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.7:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.4-1:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-48:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.9:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.9:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.40.6:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.6:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.7:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-19:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.9:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.0:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.6-121:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-60:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.40.8:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.40.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.20.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.60.5:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.50.5:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.30.8:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.50.8:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.10.10:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-13:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.4-57:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.5-66:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.40.5:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.9.6-113:*:*:*:*:*:*:*", "cpe:2.3:a:nick_copeland:bristol:0.40.7:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2018-01-18T11:05:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "description": "Check for the Version of bristol", "modified": "2018-01-17T00:00:00", "published": "2010-11-16T00:00:00", "id": "OPENVAS:1361412562310862550", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862550", "type": "openvas", "title": "Fedora Update for bristol FEDORA-2010-16687", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bristol FEDORA-2010-16687\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bristol on Fedora 13\";\ntag_insight = \"Bristol is an emulation package for a number of different 'classic'\n synthesizers including additive and subtractive and a few organs.\n The application consists of the engine, which is called bristol,\n and its own GUI library called brighton that represents all the emulations.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050805.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862550\");\n script_version(\"$Revision: 8440 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 08:58:46 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16687\");\n script_cve_id(\"CVE-2010-3351\");\n script_name(\"Fedora Update for bristol FEDORA-2010-16687\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bristol\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bristol\", rpm:\"bristol~0.40.7~7.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-03T10:54:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "description": "Check for the Version of bristol", "modified": "2018-01-02T00:00:00", "published": "2010-11-16T00:00:00", "id": "OPENVAS:1361412562310862553", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862553", "type": "openvas", "title": "Fedora Update for bristol FEDORA-2010-16676", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bristol FEDORA-2010-16676\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bristol on Fedora 12\";\ntag_insight = \"Bristol is an emulation package for a number of different 'classic'\n synthesizers including additive and subtractive and a few organs.\n The application consists of the engine, which is called bristol,\n and its own GUI library called brighton that represents all the emulations.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050787.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862553\");\n script_version(\"$Revision: 8269 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 08:28:22 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16676\");\n script_cve_id(\"CVE-2010-3351\");\n script_name(\"Fedora Update for bristol FEDORA-2010-16676\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bristol\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"bristol\", rpm:\"bristol~0.40.7~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-15T11:57:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "description": "Check for the Version of bristol", "modified": "2017-12-15T00:00:00", "published": "2010-11-16T00:00:00", "id": "OPENVAS:862553", "href": "http://plugins.openvas.org/nasl.php?oid=862553", "type": "openvas", "title": "Fedora Update for bristol FEDORA-2010-16676", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bristol FEDORA-2010-16676\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bristol on Fedora 12\";\ntag_insight = \"Bristol is an emulation package for a number of different 'classic'\n synthesizers including additive and subtractive and a few organs.\n The application consists of the engine, which is called bristol,\n and its own GUI library called brighton that represents all the emulations.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050787.html\");\n script_id(862553);\n script_version(\"$Revision: 8130 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-15 07:31:09 +0100 (Fri, 15 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16676\");\n script_cve_id(\"CVE-2010-3351\");\n script_name(\"Fedora Update for bristol FEDORA-2010-16676\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bristol\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"bristol\", rpm:\"bristol~0.40.7~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-12-21T11:33:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "description": "Check for the Version of bristol", "modified": "2017-12-20T00:00:00", "published": "2010-11-16T00:00:00", "id": "OPENVAS:862550", "href": "http://plugins.openvas.org/nasl.php?oid=862550", "type": "openvas", "title": "Fedora Update for bristol FEDORA-2010-16687", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bristol FEDORA-2010-16687\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bristol on Fedora 13\";\ntag_insight = \"Bristol is an emulation package for a number of different 'classic'\n synthesizers including additive and subtractive and a few organs.\n The application consists of the engine, which is called bristol,\n and its own GUI library called brighton that represents all the emulations.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050805.html\");\n script_id(862550);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-11-16 14:49:48 +0100 (Tue, 16 Nov 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16687\");\n script_cve_id(\"CVE-2010-3351\");\n script_name(\"Fedora Update for bristol FEDORA-2010-16687\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bristol\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC13\")\n{\n\n if ((res = isrpmvuln(pkg:\"bristol\", rpm:\"bristol~0.40.7~7.fc13\", rls:\"FC13\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:54:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "description": "Check for the Version of bristol", "modified": "2017-12-22T00:00:00", "published": "2010-12-02T00:00:00", "id": "OPENVAS:862575", "href": "http://plugins.openvas.org/nasl.php?oid=862575", "type": "openvas", "title": "Fedora Update for bristol FEDORA-2010-16714", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for bristol FEDORA-2010-16714\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"bristol on Fedora 14\";\ntag_insight = \"Bristol is an emulation package for a number of different 'classic'\n synthesizers including additive and subtractive and a few organs.\n The application consists of the engine, which is called bristol,\n and its own GUI library called brighton that represents all the emulations.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050784.html\");\n script_id(862575);\n script_version(\"$Revision: 8226 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-22 07:30:26 +0100 (Fri, 22 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-12-02 08:39:14 +0100 (Thu, 02 Dec 2010)\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"FEDORA\", value: \"2010-16714\");\n script_cve_id(\"CVE-2010-3351\");\n script_name(\"Fedora Update for bristol FEDORA-2010-16714\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of bristol\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC14\")\n{\n\n if ((res = isrpmvuln(pkg:\"bristol\", rpm:\"bristol~0.40.7~7.fc14\", rls:\"FC14\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-12T10:08:18", "description": "This update stops altering LD_LIBRARY_PATH for Bristol insecurely at\nruntime.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-11-15T00:00:00", "title": "Fedora 12 : bristol-0.40.7-7.fc12 (2010-16676)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "modified": "2010-11-15T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:bristol", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-16676.NASL", "href": "https://www.tenable.com/plugins/nessus/50584", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-16676.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50584);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3351\");\n script_xref(name:\"FEDORA\", value:\"2010-16676\");\n\n script_name(english:\"Fedora 12 : bristol-0.40.7-7.fc12 (2010-16676)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update stops altering LD_LIBRARY_PATH for Bristol insecurely at\nruntime.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=638376\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/050787.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a9889fea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bristol package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bristol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"bristol-0.40.7-7.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bristol\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:08:18", "description": "This update stops altering LD_LIBRARY_PATH for Bristol insecurely at\nruntime.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-11-15T00:00:00", "title": "Fedora 13 : bristol-0.40.7-7.fc13 (2010-16687)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "modified": "2010-11-15T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:bristol"], "id": "FEDORA_2010-16687.NASL", "href": "https://www.tenable.com/plugins/nessus/50585", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-16687.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50585);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3351\");\n script_xref(name:\"FEDORA\", value:\"2010-16687\");\n\n script_name(english:\"Fedora 13 : bristol-0.40.7-7.fc13 (2010-16687)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update stops altering LD_LIBRARY_PATH for Bristol insecurely at\nruntime.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=638376\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/050805.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e915f3d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bristol package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bristol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"bristol-0.40.7-7.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bristol\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:08:18", "description": "This update stops altering LD_LIBRARY_PATH for Bristol insecurely at\nruntime.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-11-15T00:00:00", "title": "Fedora 14 : bristol-0.40.7-7.fc14 (2010-16714)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-3351"], "modified": "2010-11-15T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:14", "p-cpe:/a:fedoraproject:fedora:bristol"], "id": "FEDORA_2010-16714.NASL", "href": "https://www.tenable.com/plugins/nessus/50586", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-16714.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(50586);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-3351\");\n script_xref(name:\"FEDORA\", value:\"2010-16714\");\n\n script_name(english:\"Fedora 14 : bristol-0.40.7-7.fc14 (2010-16714)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update stops altering LD_LIBRARY_PATH for Bristol insecurely at\nruntime.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=638376\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-November/050784.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8993746c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected bristol package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:bristol\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:14\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/11/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^14([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 14.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC14\", reference:\"bristol-0.40.7-7.fc14\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bristol\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3351"], "description": "Bristol is an emulation package for a number of different 'classic' synthesizers including additive and subtractive and a few organs. The application consists of the engine, which is called bristol, and its own GUI library called brighton that represents all the emulations. ", "modified": "2010-11-13T22:06:57", "published": "2010-11-13T22:06:57", "id": "FEDORA:B096110FE54", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: bristol-0.40.7-7.fc13", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3351"], "description": "Bristol is an emulation package for a number of different 'classic' synthesizers including additive and subtractive and a few organs. The application consists of the engine, which is called bristol, and its own GUI library called brighton that represents all the emulations. ", "modified": "2010-11-13T22:03:07", "published": "2010-11-13T22:03:07", "id": "FEDORA:1AA8F111208", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: bristol-0.40.7-7.fc12", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-3351"], "description": "Bristol is an emulation package for a number of different 'classic' synthesizers including additive and subtractive and a few organs. The application consists of the engine, which is called bristol, and its own GUI library called brighton that represents all the emulations. ", "modified": "2010-11-13T22:02:36", "published": "2010-11-13T22:02:36", "id": "FEDORA:A27B2111A12", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 14 Update: bristol-0.40.7-7.fc14", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}]}
