Search...

Fedora Update for polkit-qt FEDORA-2014-9641

2014-09-20T00:00:00

ID OPENVAS:1361412562310868188
Type openvas
Reporter Copyright (C) 2014 Greenbone Networks GmbH
Modified 2019-03-15T00:00:00

Description

The remote host is missing an update for the

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for polkit-qt FEDORA-2014-9641
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.868188");
  script_version("$Revision: 14223 $");
  script_tag(name:"last_modification", value:"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $");
  script_tag(name:"creation_date", value:"2014-09-20 05:59:41 +0200 (Sat, 20 Sep 2014)");
  script_cve_id("CVE-2014-5033");
  script_tag(name:"cvss_base", value:"6.9");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:M/Au:N/C:C/I:C/A:C");
  script_name("Fedora Update for polkit-qt FEDORA-2014-9641");
  script_tag(name:"affected", value:"polkit-qt on Fedora 20");
  script_tag(name:"solution", value:"Please install the updated package(s).");
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  script_xref(name:"FEDORA", value:"2014-9641");
  script_xref(name:"URL", value:"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137844.html");
  script_tag(name:"summary", value:"The remote host is missing an update for the 'polkit-qt'
  package(s) announced via the referenced advisory.");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2014 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms", re:"ssh/login/release=FC20");

  exit(0);
}

include("revisions-lib.inc");
include("pkg-lib-rpm.inc");

release = rpm_get_ssh_release();
if(!release)
  exit(0);

res = "";

if(release == "FC20")
{

  if ((res = isrpmvuln(pkg:"polkit-qt", rpm:"polkit-qt~0.112.0~1.fc20", rls:"FC20")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99);
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:1361412562310868188", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for polkit-qt FEDORA-2014-9641", "description": "The remote host is missing an update for the ", "published": "2014-09-20T00:00:00", "modified": "2019-03-15T00:00:00", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868188", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137844.html", "2014-9641"], "cvelist": ["CVE-2014-5033"], "lastseen": "2019-05-29T18:37:37", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2014-9641", "CVE-2014-5033"]}, {"type": "fedora", "idList": ["FEDORA:2A3D9220D2", "FEDORA:47234227AC", "FEDORA:03AB2222C7", "FEDORA:93D4A22AB8", "FEDORA:395B1220D2", "FEDORA:273642276E", "FEDORA:DC97D22A45", "FEDORA:76A8E222C7", "FEDORA:A1943225C7", "FEDORA:69004220D2"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310868222", "OPENVAS:1361412562310868278", "OPENVAS:1361412562310868251", "OPENVAS:1361412562310868295", "OPENVAS:1361412562310868337", "OPENVAS:1361412562310868247", "OPENVAS:1361412562310868279", "OPENVAS:1361412562310868343", "OPENVAS:1361412562310868238", "OPENVAS:1361412562310868225"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:13893"]}, {"type": "nessus", "idList": ["FEDORA_2014-9602.NASL", "UBUNTU_USN-2304-1.NASL", "CENTOS_RHSA-2014-1359.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DLA-76-1:76BAE"]}], "modified": "2019-05-29T18:37:37", "rev": 2}, "score": {"value": 6.4, "vector": "NONE", "modified": "2019-05-29T18:37:37", "rev": 2}, "vulnersScore": 6.4}, "pluginID": "1361412562310868188", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for polkit-qt FEDORA-2014-9641\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868188\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-09-20 05:59:41 +0200 (Sat, 20 Sep 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for polkit-qt FEDORA-2014-9641\");\n script_tag(name:\"affected\", value:\"polkit-qt on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-9641\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137844.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'polkit-qt'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"polkit-qt\", rpm:\"polkit-qt~0.112.0~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2021-02-02T06:14:31", "description": "KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and \"PID reuse race conditions.\"", "edition": 6, "cvss3": {}, "published": "2014-08-19T18:55:00", "title": "CVE-2014-5033", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-5033"], "modified": "2014-10-16T07:22:00", "cpe": ["cpe:/a:kde:kdelibs:4.12.2", "cpe:/a:kde:kdelibs:4.11.80", "cpe:/a:kde:kdelibs:4.13.1", "cpe:/a:kde:kdelibs:4.10.0", "cpe:/a:debian:kde4libs:-", "cpe:/a:kde:kdelibs:4.13.3", "cpe:/a:kde:kdelibs:4.12.80", "cpe:/a:kde:kdelibs:4.10.97", "cpe:/o:canonical:ubuntu_linux:12.04", "cpe:/a:kde:kdelibs:4.11.5", "cpe:/a:kde:kdelibs:4.12.1", "cpe:/a:kde:kdelibs:4.10.2", "cpe:/a:kde:kdelibs:4.11.97", "cpe:/a:kde:kdelibs:4.13.2", "cpe:/a:kde:kdelibs:4.10.1", "cpe:/a:kde:kdelibs:4.12.5", "cpe:/a:kde:kauth:5.0", "cpe:/a:kde:kdelibs:4.12.97", "cpe:/a:kde:kdelibs:4.11.3", "cpe:/a:kde:kdelibs:4.10.3", "cpe:/a:kde:kdelibs:4.13.80", "cpe:/a:kde:kdelibs:4.11.90", "cpe:/a:kde:kdelibs:4.12.4", "cpe:/a:kde:kdelibs:4.12.0", "cpe:/a:kde:kdelibs:4.13.0", "cpe:/a:kde:kdelibs:4.13.95", "cpe:/a:kde:kdelibs:4.13.97", "cpe:/a:kde:kdelibs:4.12.90", "cpe:/a:kde:kdelibs:4.11.4", "cpe:/a:kde:kdelibs:4.11.2", "cpe:/a:kde:kdelibs:4.11.95", "cpe:/a:kde:kdelibs:4.13.90", "cpe:/a:kde:kdelibs:4.11.0", "cpe:/a:kde:kdelibs:4.10.95", "cpe:/a:kde:kdelibs:4.12.95", "cpe:/a:kde:kdelibs:4.12.3", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/a:kde:kdelibs:4.11.1"], "id": "CVE-2014-5033", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-5033", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:kde:kdelibs:4.12.4:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.97:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.5:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.4:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.90:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.5:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.10.2:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.10.0:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.97:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.90:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.10.95:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:debian:kde4libs:-:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.0:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.95:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.10.97:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.80:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.95:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.0:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.95:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.97:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.0:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.13.80:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.90:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kauth:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.2:*:*:*:*:*:*:*", "cpe:2.3:a:kde:kdelibs:4.12.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe:2.3:a:kde:kdelibs:4.11.80:*:*:*:*:*:*:*"]}], "securityvulns": [{"lastseen": "2018-08-31T11:09:56", "bulletinFamily": "software", "cvelist": ["CVE-2014-5033"], "description": "Kauth polkit authorization check bypass.", "edition": 1, "modified": "2014-08-04T00:00:00", "published": "2014-08-04T00:00:00", "id": "SECURITYVULNS:VULN:13893", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:13893", "title": "KDE restrictions bypass", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:52", "bulletinFamily": "software", "cvelist": ["CVE-2014-5033"], "description": "\r\n\r\n==========================================================================\r\nUbuntu Security Notice USN-2304-1\r\nJuly 31, 2014\r\n\r\nkde4libs vulnerability\r\n==========================================================================\r\n\r\nA security issue affects these releases of Ubuntu and its derivatives:\r\n\r\n- Ubuntu 14.04 LTS\r\n- Ubuntu 12.04 LTS\r\n\r\nSummary:\r\n\r\nkauth could be tricked into bypassing polkit authorizations.\r\n\r\nSoftware Description:\r\n- kde4libs: KDE 4 core applications and libraries\r\n\r\nDetails:\r\n\r\nIt was discovered that kauth was using polkit in an unsafe manner. A local\r\nattacker could possibly use this issue to bypass intended polkit\r\nauthorizations.\r\n\r\nUpdate instructions:\r\n\r\nThe problem can be corrected by updating your system to the following\r\npackage versions:\r\n\r\nUbuntu 14.04 LTS:\r\n kdelibs5-plugins 4:4.13.2a-0ubuntu0.3\r\n\r\nUbuntu 12.04 LTS:\r\n kdelibs5-plugins 4:4.8.5-0ubuntu0.4\r\n\r\nAfter a standard system update you need to reboot your computer to make\r\nall the necessary changes.\r\n\r\nReferences:\r\n http://www.ubuntu.com/usn/usn-2304-1\r\n CVE-2014-5033\r\n\r\nPackage Information:\r\n https://launchpad.net/ubuntu/+source/kde4libs/4:4.13.2a-0ubuntu0.3\r\n https://launchpad.net/ubuntu/+source/kde4libs/4:4.8.5-0ubuntu0.4\r\n\r\n\r\n\r\n\r\n-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\r\n\r\n", "edition": 1, "modified": "2014-08-04T00:00:00", "published": "2014-08-04T00:00:00", "id": "SECURITYVULNS:DOC:30963", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:30963", "title": "[USN-2304-1] KDE-Libs vulnerability", "type": "securityvulns", "cvss": {"score": 6.9, "vector": "AV:LOCAL/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2019-05-29T18:37:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868334", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868334", "type": "openvas", "title": "Fedora Update for amor FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for amor FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868334\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:59 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for amor FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"amor on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138720.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'amor'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"amor\", rpm:\"amor~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868346", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868346", "type": "openvas", "title": "Fedora Update for kstars FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kstars FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868346\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 17:00:06 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kstars FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kstars on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138797.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kstars'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kstars\", rpm:\"kstars~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868272", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868272", "type": "openvas", "title": "Fedora Update for kate FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kate FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868272\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:58:36 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kate FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kate on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138737.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kate'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kate\", rpm:\"kate~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:31", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868289", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868289", "type": "openvas", "title": "Fedora Update for kalzium FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kalzium FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868289\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:58:45 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kalzium FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kalzium on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138735.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kalzium'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kalzium\", rpm:\"kalzium~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868228", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868228", "type": "openvas", "title": "Fedora Update for qyoto FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for qyoto FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868228\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:00 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for qyoto FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"qyoto on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138820.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'qyoto'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"qyoto\", rpm:\"qyoto~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868321", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868321", "type": "openvas", "title": "Fedora Update for parley FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for parley FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868321\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:43 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for parley FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"parley on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138823.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'parley'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"parley\", rpm:\"parley~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868336", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868336", "type": "openvas", "title": "Fedora Update for kmouth FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kmouth FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868336\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:54 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kmouth FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kmouth on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138782.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kmouth'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kmouth\", rpm:\"kmouth~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868300", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868300", "type": "openvas", "title": "Fedora Update for kcalc FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kcalc FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868300\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:03 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kcalc FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kcalc on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138741.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kcalc'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kcalc\", rpm:\"kcalc~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:40", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868235", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868235", "type": "openvas", "title": "Fedora Update for kwordquiz FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kwordquiz FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868235\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:59:01 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kwordquiz FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kwordquiz on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138803.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kwordquiz'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kwordquiz\", rpm:\"kwordquiz~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:37:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2014-10-01T00:00:00", "id": "OPENVAS:1361412562310868263", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868263", "type": "openvas", "title": "Fedora Update for kgamma FEDORA-2014-11448", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for kgamma FEDORA-2014-11448\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868263\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-10-01 16:58:23 +0530 (Wed, 01 Oct 2014)\");\n script_cve_id(\"CVE-2014-5033\");\n script_tag(name:\"cvss_base\", value:\"6.9\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Update for kgamma FEDORA-2014-11448\");\n script_tag(name:\"affected\", value:\"kgamma on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-11448\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-September/138771.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kgamma'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"kgamma\", rpm:\"kgamma~4.14.1~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "fedora": [{"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "KDE PIM Runtime Environment. ", "modified": "2014-09-27T09:47:46", "published": "2014-09-27T09:47:46", "id": "FEDORA:9CE8C220D2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kdepim-runtime-4.14.1-2.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Networking applications, including: * kdenetwork-filesharing: Network filesharing * kdnssd: Network Monitor for DNS-SD services (Zeroconf) * kget: Downloade manager * kopete: Chat client * kppp: Dialer and front end for pppd * krdc: Remote desktop client * krfb: Desktop sharing ", "modified": "2014-09-27T09:47:46", "published": "2014-09-27T09:47:46", "id": "FEDORA:6145B220D2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kdenetwork-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Additional plasmoids for KDE. ", "modified": "2014-09-27T09:47:47", "published": "2014-09-27T09:47:47", "id": "FEDORA:C346A225C7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kdeplasma-addons-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "KFloppy is a utility that provides a straightforward graphical means to format 3.5\" and 5.25\" floppy disks. ", "modified": "2014-09-27T09:47:47", "published": "2014-09-27T09:47:47", "id": "FEDORA:4D576222C7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kfloppy-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Libkdcraw is a C++ interface around LibRaw library used to decode RAW picture files. More information about LibRaw can be found at http://www.libraw.org. ", "modified": "2014-09-27T09:47:50", "published": "2014-09-27T09:47:50", "id": "FEDORA:2AA2E225C7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libkdcraw-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Media player. ", "modified": "2014-09-27T09:47:43", "published": "2014-09-27T09:47:43", "id": "FEDORA:4F234225C7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: dragon-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Metapackage for Core applications of KDE 4, including: dolphin : File manager kdepasswd : Changes a UNIX password kdialog : Nice dialog boxes from shell scripts keditbookmarks : Bookmark organizer and editor kfind : File find utility konqueror : Web browser, file manager and document viewer plasma_applet_folderview : folderview plasma applet ", "modified": "2014-09-27T09:47:53", "published": "2014-09-27T09:47:53", "id": "FEDORA:EE8E722787", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kde-baseapps-4.14.1-2.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "A screen magnifier. ", "modified": "2014-09-27T09:47:48", "published": "2014-09-27T09:47:48", "id": "FEDORA:1CB61222C7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: kmag-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Marble is a Virtual Globe and World Atlas that you can use to learn more about Earth: You can pan and zoom around and you can look up places and roads. A mouse click on a place label will provide the respective Wikipedia article. Of course it's also possible to measure distances between locations or watch the current cloud cover. Marble offers different thematic maps: A classroom- style topographic map, a satellite view, street map, earth at night and temperature and precipitation maps. All maps include a custom map key, so it can also be used as an educational tool for use in class-rooms. For educational purposes you can also change date and time and watch how the starry sky and the twilight zone on the map change. In opposite to other virtual globes Marble also features multiple projections: Choose between a Flat Map (\"Plate carr=C3=A9\"), Mercator or th e Globe. ", "modified": "2014-09-27T09:47:50", "published": "2014-09-27T09:47:50", "id": "FEDORA:90A35225C7", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: marble-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:52", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Widgets for Baloo. ", "modified": "2014-09-27T09:47:43", "published": "2014-09-27T09:47:43", "id": "FEDORA:1885622919", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: baloo-widgets-4.14.1-1.fc20", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-12T10:13:07", "description": "updated to the new release of polkit-qt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-09-22T00:00:00", "title": "Fedora 19 : polkit-qt-0.112.0-1.fc19 (2014-9602)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "modified": "2014-09-22T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:polkit-qt"], "id": "FEDORA_2014-9602.NASL", "href": "https://www.tenable.com/plugins/nessus/77771", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9602.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77771);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-5033\");\n script_bugtraq_id(68771);\n script_xref(name:\"FEDORA\", value:\"2014-9602\");\n\n script_name(english:\"Fedora 19 : polkit-qt-0.112.0-1.fc19 (2014-9602)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"updated to the new release of polkit-qt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1094890\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137764.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?52ff9bf4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected polkit-qt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:polkit-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"polkit-qt-0.112.0-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit-qt\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:27:39", "description": "It was discovered that kauth was using polkit in an unsafe manner. A\nlocal attacker could possibly use this issue to bypass intended polkit\nauthorizations.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 22, "published": "2014-08-01T00:00:00", "title": "Ubuntu 12.04 LTS / 14.04 LTS : kde4libs vulnerability (USN-2304-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "modified": "2014-08-01T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:kdelibs5-plugins", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:14.04"], "id": "UBUNTU_USN-2304-1.NASL", "href": "https://www.tenable.com/plugins/nessus/76962", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-2304-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76962);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2014-5033\");\n script_bugtraq_id(68771);\n script_xref(name:\"USN\", value:\"2304-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 14.04 LTS : kde4libs vulnerability (USN-2304-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that kauth was using polkit in an unsafe manner. A\nlocal attacker could possibly use this issue to bypass intended polkit\nauthorizations.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/2304-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs5-plugins package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:kdelibs5-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2014-2020 Canonical, Inc. / NASL script (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"kdelibs5-plugins\", pkgver:\"4:4.8.5-0ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"14.04\", pkgname:\"kdelibs5-plugins\", pkgver:\"4:4.13.2a-0ubuntu0.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs5-plugins\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:29:46", "description": "Updated polkit-qt packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nPolkit-qt is a library that lets developers use the PolicyKit API\nthrough a Qt-styled API. The polkit-qt library is used by the KDE\nAuthentication Agent (KAuth), which is a part of kdelibs.\n\nIt was found that polkit-qt handled authorization requests with\nPolicyKit via a D-Bus API that is vulnerable to a race condition. A\nlocal user could use this flaw to bypass intended PolicyKit\nauthorizations. This update modifies polkit-qt to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2014-5033)\n\nAll polkit-qt users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.", "edition": 23, "published": "2014-10-07T00:00:00", "title": "CentOS 7 : polkit-qt (CESA-2014:1359)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "modified": "2014-10-07T00:00:00", "cpe": ["p-cpe:/a:centos:centos:polkit-qt-devel", "p-cpe:/a:centos:centos:polkit-qt", "p-cpe:/a:centos:centos:polkit-qt-doc", "cpe:/o:centos:centos:7"], "id": "CENTOS_RHSA-2014-1359.NASL", "href": "https://www.tenable.com/plugins/nessus/78070", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2014:1359 and \n# CentOS Errata and Security Advisory 2014:1359 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78070);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2014-5033\");\n script_xref(name:\"RHSA\", value:\"2014:1359\");\n\n script_name(english:\"CentOS 7 : polkit-qt (CESA-2014:1359)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated polkit-qt packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nPolkit-qt is a library that lets developers use the PolicyKit API\nthrough a Qt-styled API. The polkit-qt library is used by the KDE\nAuthentication Agent (KAuth), which is a part of kdelibs.\n\nIt was found that polkit-qt handled authorization requests with\nPolicyKit via a D-Bus API that is vulnerable to a race condition. A\nlocal user could use this flaw to bypass intended PolicyKit\nauthorizations. This update modifies polkit-qt to communicate with\nPolicyKit via a different API that is not vulnerable to the race\ncondition. (CVE-2014-5033)\n\nAll polkit-qt users are advised to upgrade to these updated packages,\nwhich contain a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2014-October/020671.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d100244d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected polkit-qt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-5033\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:polkit-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:polkit-qt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:polkit-qt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/08/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 7.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"polkit-qt-0.103.0-10.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"polkit-qt-devel-0.103.0-10.el7_0\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"polkit-qt-doc-0.103.0-10.el7_0\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit-qt / polkit-qt-devel / polkit-qt-doc\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:12:04", "description": "The update has a fix for CVE-2014-5033, KAuth was calling PolicyKit 1\n(polkit) in an insecure way.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-10-11T00:00:00", "title": "Fedora 19 : kdelibs-4.11.5-5.fc19 (2014-11348)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "modified": "2014-10-11T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:19", "p-cpe:/a:fedoraproject:fedora:kdelibs"], "id": "FEDORA_2014-11348.NASL", "href": "https://www.tenable.com/plugins/nessus/78241", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-11348.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78241);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-5033\");\n script_bugtraq_id(68771);\n script_xref(name:\"FEDORA\", value:\"2014-11348\");\n\n script_name(english:\"Fedora 19 : kdelibs-4.11.5-5.fc19 (2014-11348)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The update has a fix for CVE-2014-5033, KAuth was calling PolicyKit 1\n(polkit) in an insecure way.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1094890\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-October/140293.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c79ee02d\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected kdelibs package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kdelibs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"kdelibs-4.11.5-5.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kdelibs\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:13:08", "description": "updated to the new release of polkit-qt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 14, "published": "2014-09-22T00:00:00", "title": "Fedora 20 : polkit-qt-0.112.0-1.fc20 (2014-9641)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2014-5033"], "modified": "2014-09-22T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:polkit-qt", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-9641.NASL", "href": "https://www.tenable.com/plugins/nessus/77772", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-9641.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(77772);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2014-5033\");\n script_bugtraq_id(68771);\n script_xref(name:\"FEDORA\", value:\"2014-9641\");\n\n script_name(english:\"Fedora 20 : polkit-qt-0.112.0-1.fc20 (2014-9641)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"updated to the new release of polkit-qt\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1094890\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-September/137844.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?27852492\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected polkit-qt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:polkit-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/08/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/09/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"polkit-qt-0.112.0-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"polkit-qt\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:15:49", "bulletinFamily": "unix", "cvelist": ["CVE-2014-5033"], "description": "Package : kde4libs\nVersion : 4:4.4.5-2+squeeze4\nCVE ID : CVE-2014-5033\n\nIt was discovered that KAuth, part of kdelibs, uses polkit in a way\nthat is prone to a race condition that may allow authorization bypass.\n", "edition": 9, "modified": "2014-10-24T11:43:39", "published": "2014-10-24T11:43:39", "id": "DEBIAN:DLA-76-1:76BAE", "href": "https://lists.debian.org/debian-lts-announce/2014/debian-lts-announce-201410/msg00009.html", "title": "[SECURITY] [DLA 76-1] kde4libs security update", "type": "debian", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}]}