{"openvas": [{"lastseen": "2019-05-29T18:37:10", "description": "Check the version of Pound", "cvss3": {}, "published": "2014-11-12T00:00:00", "type": "openvas", "title": "Fedora Update for Pound FEDORA-2014-13777", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566", "CVE-2005-2090", "CVE-2011-3389", "CVE-2012-4929"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868477", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868477", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for Pound FEDORA-2014-13777\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868477\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-12 06:23:11 +0100 (Wed, 12 Nov 2014)\");\n script_cve_id(\"CVE-2011-3389\", \"CVE-2012-4929\", \"CVE-2005-2090\", \"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for Pound FEDORA-2014-13777\");\n script_tag(name:\"summary\", value:\"Check the version of Pound\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"Pound on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-13777\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143507.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"Pound\", rpm:\"Pound~2.6~8.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:36:33", "description": "Pound, a HTTP reverse proxy and\nload balancer, had several issues related to vulnerabilities in the Secure\nSockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually\npossible to disable client-initiated renegotiation and disables it by default\n(CVE-2009-3555).\nTLS compression is disabled (CVE-2012-4929),\nalthough this is normally already disabled by the OpenSSL system library.\nFinally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566)\nentirely via the new DisableSSLv3\nconfiguration directive, although it\nwill not disabled by default in this update. Additionally a non-security\nsensitive issue in redirect encoding is\naddressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation (CVE-2009-3555\n).\nThis update addresses that issue for jessie.", "cvss3": {}, "published": "2015-05-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3253-1 (pound - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566", "CVE-2012-4929", "CVE-2009-3555"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310703253", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703253", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3253.nasl 14278 2019-03-18 14:47:26Z cfischer $\n# Auto-generated from advisory DSA 3253-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703253\");\n script_version(\"$Revision: 14278 $\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2012-4929\", \"CVE-2014-3566\");\n script_name(\"Debian Security Advisory DSA 3253-1 (pound - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:47:26 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-05-07 00:00:00 +0200 (Thu, 07 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2015/dsa-3253.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n script_tag(name:\"affected\", value:\"pound on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution\n(wheezy), these problems have been fixed in version 2.6-2+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.6-6+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.6-6.1.\n\nWe recommend that you upgrade your pound packages.\");\n script_tag(name:\"summary\", value:\"Pound, a HTTP reverse proxy and\nload balancer, had several issues related to vulnerabilities in the Secure\nSockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually\npossible to disable client-initiated renegotiation and disables it by default\n(CVE-2009-3555).\nTLS compression is disabled (CVE-2012-4929),\nalthough this is normally already disabled by the OpenSSL system library.\nFinally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566)\nentirely via the new DisableSSLv3\nconfiguration directive, although it\nwill not disabled by default in this update. Additionally a non-security\nsensitive issue in redirect encoding is\naddressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation (CVE-2009-3555\n).\nThis update addresses that issue for jessie.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed\nsoftware version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"pound\", ver:\"2.6-2+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2017-07-24T12:53:05", "description": "Pound, a HTTP reverse proxy and\nload balancer, had several issues related to vulnerabilities in the Secure\nSockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually\npossible to disable client-initiated renegotiation and disables it by default\n(CVE-2009-3555).\nTLS compression is disabled (CVE-2012-4929),\nalthough this is normally already disabled by the OpenSSL system library.\nFinally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566)\nentirely via the new DisableSSLv3 \nconfiguration directive, although it\nwill not disabled by default in this update. Additionally a non-security\nsensitive issue in redirect encoding is\naddressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation (CVE-2009-3555 \n).\nThis update addresses that issue for jessie.", "cvss3": {}, "published": "2015-05-07T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 3253-1 (pound - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566", "CVE-2012-4929", "CVE-2009-3555"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:703253", "href": "http://plugins.openvas.org/nasl.php?oid=703253", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3253.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3253-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703253);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2009-3555\", \"CVE-2012-4929\", \"CVE-2014-3566\");\n script_name(\"Debian Security Advisory DSA 3253-1 (pound - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-05-07 00:00:00 +0200 (Thu, 07 May 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3253.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"pound on Debian Linux\");\n script_tag(name: \"insight\", value: \"Pound was developed to enable\ndistributing the load among several Web-servers and to allow for a convenient\nSSL wrapper for those Web servers that do not offer it natively.\");\n script_tag(name: \"solution\", value: \"For the oldstable distribution\n(wheezy), these problems have been fixed in version 2.6-2+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.6-6+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.6-6.1.\n\nWe recommend that you upgrade your pound packages.\");\n script_tag(name: \"summary\", value: \"Pound, a HTTP reverse proxy and\nload balancer, had several issues related to vulnerabilities in the Secure\nSockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually\npossible to disable client-initiated renegotiation and disables it by default\n(CVE-2009-3555).\nTLS compression is disabled (CVE-2012-4929),\nalthough this is normally already disabled by the OpenSSL system library.\nFinally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566)\nentirely via the new DisableSSLv3 \nconfiguration directive, although it\nwill not disabled by default in this update. Additionally a non-security\nsensitive issue in redirect encoding is\naddressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation (CVE-2009-3555 \n).\nThis update addresses that issue for jessie.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed\nsoftware version using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"pound\", ver:\"2.6-2+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1628-1", "cvss3": {}, "published": "2012-11-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for qt4-x11 USN-1628-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841211", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841211", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1628_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for qt4-x11 USN-1628-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1628-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841211\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-09 09:34:32 +0530 (Fri, 09 Nov 2012)\");\n script_cve_id(\"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"USN\", value:\"1628-1\");\n script_name(\"Ubuntu Update for qt4-x11 USN-1628-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1628-1\");\n script_tag(name:\"affected\", value:\"qt4-x11 on Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer\n Security (TLS) protocol when it is used with data compression. If an\n attacker were able to perform a man-in-the-middle attack, this flaw\n could be exploited to view sensitive information. This update disables\n TLS data compression in Qt by default.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.8.1-0ubuntu4.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.7.4-0ubuntu8.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.6.2-0ubuntu5.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-12-04T11:20:51", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1628-1", "cvss3": {}, "published": "2012-11-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for qt4-x11 USN-1628-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841211", "href": "http://plugins.openvas.org/nasl.php?oid=841211", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1628_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for qt4-x11 USN-1628-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer\n Security (TLS) protocol when it is used with data compression. If an\n attacker were able to perform a man-in-the-middle attack, this flaw\n could be exploited to view sensitive information. This update disables\n TLS data compression in Qt by default.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1628-1\";\ntag_affected = \"qt4-x11 on Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1628-1/\");\n script_id(841211);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-09 09:34:32 +0530 (Fri, 09 Nov 2012)\");\n script_cve_id(\"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"USN\", value: \"1628-1\");\n script_name(\"Ubuntu Update for qt4-x11 USN-1628-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.8.1-0ubuntu4.3\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.7.4-0ubuntu8.2\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libqt4-network\", ver:\"4:4.6.2-0ubuntu5.5\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:37:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-07-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1898-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841494", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841494", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1898_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for openssl USN-1898-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.841494\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-05 13:16:50 +0530 (Fri, 05 Jul 2013)\");\n script_cve_id(\"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu Update for openssl USN-1898-1\");\n\n script_xref(name:\"USN\", value:\"1898-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1898-1/\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openssl'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|10\\.04 LTS|12\\.10|13\\.04)\");\n script_tag(name:\"affected\", value:\"openssl on Ubuntu 13.04,\n Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"The TLS protocol 1.2 and earlier can encrypt compressed data without\n properly obfuscating the length of the unencrypted data, which allows\n man-in-the-middle attackers to obtain plaintext content by observing\n length differences during a series of guesses in which a provided string\n potentially matches an unknown string in encrypted and compressed traffic.\n This is known as a CRIME attack in HTTP. Other protocols layered on top of\n TLS may also make these attacks practical.\n\n This update disables compression for all programs using SSL and TLS\n provided by the OpenSSL library. To re-enable compression for programs\n that need compression to communicate with legacy services, define the\n variable OPENSSL_DEFAULT_ZLIB in the program's environment.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.10\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.15\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1c-3ubuntu2.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1c-4ubuntu8.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-12-04T11:21:20", "description": "Check for the Version of openssl", "cvss3": {}, "published": "2013-07-05T00:00:00", "type": "openvas", "title": "Ubuntu Update for openssl USN-1898-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841494", "href": "http://plugins.openvas.org/nasl.php?oid=841494", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1898_1.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for openssl USN-1898-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The TLS protocol 1.2 and earlier can encrypt compressed data without\n properly obfuscating the length of the unencrypted data, which allows\n man-in-the-middle attackers to obtain plaintext content by observing\n length differences during a series of guesses in which a provided string\n potentially matches an unknown string in encrypted and compressed traffic.\n This is known as a CRIME attack in HTTP. Other protocols layered on top of\n TLS may also make these attacks practical.\n\n This update disables compression for all programs using SSL and TLS\n provided by the OpenSSL library. To re-enable compression for programs\n that need compression to communicate with legacy services, define the\n variable OPENSSL_DEFAULT_ZLIB in the program's environment.\";\n\n\ntag_affected = \"openssl on Ubuntu 13.04 ,\n Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 10.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\nif(description)\n{\n script_id(841494);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-07-05 13:16:50 +0530 (Fri, 05 Jul 2013)\");\n script_cve_id(\"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_name(\"Ubuntu Update for openssl USN-1898-1\");\n\n script_xref(name: \"USN\", value: \"1898-1\");\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1898-1/\");\n script_summary(\"Check for the Version of openssl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0\", ver:\"1.0.1-4ubuntu5.10\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl0.9.8\", ver:\"0.9.8k-7ubuntu8.15\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1c-3ubuntu2.5\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU13.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libssl1.0.0:i386\", ver:\"1.0.1c-4ubuntu8.1\", rls:\"UBUNTU13.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:51:33", "description": "Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME \n, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.", "cvss3": {}, "published": "2013-02-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2627-1 (nginx - information leak)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892627", "href": "http://plugins.openvas.org/nasl.php?oid=892627", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2627.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2627-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"nginx on Debian Linux\";\ntag_insight = \"Nginx (engine x) is a web server created by Igor Sysoev and kindly provided to\nthe open-source community. This server can be used as standalone HTTP server\nand as a reverse proxy server before some Apache or another big server to\nreduce load to backend servers by many concurrent HTTP-sessions.\";\ntag_solution = \"For the stable distribution (squeeze), this problem has been fixed in\nversion 0.7.67-3+squeeze3.\n\nFor the testing distribution (wheezy), and unstable distribution (sid),\nthis problem has been fixed in version 1.1.16-1.\n\nWe recommend that you upgrade your nginx packages.\";\ntag_summary = \"Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME \n, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892627);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-4929\");\n script_name(\"Debian Security Advisory DSA 2627-1 (nginx - information leak)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-02-17 00:00:00 +0100 (Sun, 17 Feb 2013)\");\n script_tag(name: \"cvss_base\", value:\"2.6\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2627.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"nginx\", ver:\"0.7.67-3+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-dbg\", ver:\"0.7.67-3+squeeze3\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-common\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-doc\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-extras\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-extras-dbg\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-full\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-full-dbg\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-light\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-light-dbg\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-naxsi\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-naxsi-dbg\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"nginx-naxsi-ui\", ver:\"1.1.16-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:08", "description": "Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME\n, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.", "cvss3": {}, "published": "2013-02-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2627-1 (nginx - information leak)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892627", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892627", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2627.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2627-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892627\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2012-4929\");\n script_name(\"Debian Security Advisory DSA 2627-1 (nginx - information leak)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-17 00:00:00 +0100 (Sun, 17 Feb 2013)\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2627.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"nginx on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (squeeze), this problem has been fixed in\nversion 0.7.67-3+squeeze3.\n\nFor the testing distribution (wheezy), and unstable distribution (sid),\nthis problem has been fixed in version 1.1.16-1.\n\nWe recommend that you upgrade your nginx packages.\");\n script_tag(name:\"summary\", value:\"Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME\n, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"nginx\", ver:\"0.7.67-3+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-dbg\", ver:\"0.7.67-3+squeeze3\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-common\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-doc\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-extras\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-extras-dbg\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-full\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-full-dbg\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-light\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-light-dbg\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-naxsi\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-naxsi-dbg\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"nginx-naxsi-ui\", ver:\"1.1.16-1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863916", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863916", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863916\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:36:17 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"thunderbird on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:58:22", "description": "Check for the Version of xulrunner", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-01T00:00:00", "id": "OPENVAS:863694", "href": "http://plugins.openvas.org/nasl.php?oid=863694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 15\";\ntag_insight = \"XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM\n applications that are as rich as Firefox and Thunderbird. It provides mechanisms\n for installing, upgrading, and uninstalling these applications. XULRunner also\n provides libxul, a solution which allows the embedding of Mozilla technologies\n in other projects and products.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\");\n script_id(863694);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:44 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:07:57", "description": "Check for the Version of nss-util", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864068", "href": "http://plugins.openvas.org/nasl.php?oid=864068", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-util on Fedora 16\";\ntag_insight = \"Utilities for Network Security Services and the Softoken module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\");\n script_id(864068);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:51 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-util\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:40", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863696", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863696\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:48 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"firefox on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:14", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863697", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863697", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863697\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:51 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nss FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nss on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~10.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863695", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863695\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:46 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'gnome-python2-extras'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"gnome-python2-extras on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~35.fc15.4\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863691", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863691\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:34 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:24", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863699", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863699", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863699\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:55 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird-lightning'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"thunderbird-lightning on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-11T11:07:52", "description": "Check for the Version of nspr", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nspr FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:863690", "href": "http://plugins.openvas.org/nasl.php?oid=863690", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nspr FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nspr on Fedora 15\";\ntag_insight = \"NSPR provides platform independence for non-GUI operating system\n facilities. These facilities include threads, thread synchronization,\n normal file and network I/O, interval timing and calendar time, basic\n memory management (malloc and free) and shared library linking.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\");\n script_id(863690);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:31 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nspr FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nspr\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.9~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-07-24T12:50:59", "description": "The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2398-2 (curl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71249", "href": "http://plugins.openvas.org/nasl.php?oid=71249", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2398_2.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2398-2 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"cURL is a command-line tool and library for transferring data with URL\nsyntax. It was discovered that the countermeasures against the\nDai/Rogaway chosen-plaintext attack on SSL/TLS (CVE-2011-3389,\nBEAST) cause interoperability issues with some server\nimplementations. This update ads the the CURLOPT_SSL_OPTIONS and\nCURLSSLOPT_ALLOW_BEAST options to the library, and the\n- --ssl-allow-beast option to the curl program.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze2.\n\nWe recommend that you upgrade your curl packages.\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202398-2\";\n\nif(description)\n{\n script_id(71249);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:55:40 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2398-2 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"curl\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:56:33", "description": "Check for the Version of perl-Gtk2-MozEmbed", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:863698", "href": "http://plugins.openvas.org/nasl.php?oid=863698", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"perl-Gtk2-MozEmbed on Fedora 15\";\ntag_insight = \"This module allows you to use the Mozilla embedding widget from Perl.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\");\n script_id(863698);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:53 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of perl-Gtk2-MozEmbed\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-Gtk2-MozEmbed\", rpm:\"perl-Gtk2-MozEmbed~0.09~1.fc15.8\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:35", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nspr FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863690", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863690", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nspr FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863690\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:31 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nspr FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nspr'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nspr on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nspr\", rpm:\"nspr~4.8.9~2.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863698", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863698", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863698\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:53 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for perl-Gtk2-MozEmbed FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'perl-Gtk2-MozEmbed'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"perl-Gtk2-MozEmbed on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"perl-Gtk2-MozEmbed\", rpm:\"perl-Gtk2-MozEmbed~0.09~1.fc15.8\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:07:14", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:863693", "href": "http://plugins.openvas.org/nasl.php?oid=863693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 15\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\");\n script_id(863693);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:39 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:33", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: fetchmail", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071832", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071832", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_fetchmail16.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 18ce9a90-f269-11e1-be53-080027ef73ec\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71832\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:34:17 -0400 (Thu, 30 Aug 2012)\");\n script_name(\"FreeBSD Ports: fetchmail\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: fetchmail\n\nCVE-2011-3389\nThe SSL protocol, as used in certain configurations in Microsoft\nWindows and Microsoft Internet Explorer, Mozilla Firefox, Google\nChrome, Opera, and other products, encrypts data by using CBC mode\nwith chained initialization vectors, which allows man-in-the-middle\nattackers to obtain plaintext HTTP headers via a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java\nURLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST'\nattack.\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"fetchmail\");\nif(!isnull(bver) && revcomp(a:bver, b:\"6.3.9\")>=0 && revcomp(a:bver, b:\"6.3.22\")<0) {\n txt += \"Package fetchmail version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = TRUE;\n}\n\nif(vuln) {\n security_message(data:txt);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:38:38", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864037", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864037", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864037\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird-lightning'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"thunderbird-lightning on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-08T14:03:20", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS12-006.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "openvas", "title": "Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2020-01-07T00:00:00", "id": "OPENVAS:1361412562310902900", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310902900", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.902900\");\n script_version(\"2020-01-07T09:06:32+0000\");\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-07 09:06:32 +0000 (Tue, 07 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2012-01-11 09:47:46 +0530 (Wed, 11 Jan 2012)\");\n script_name(\"Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\");\n script_xref(name:\"URL\", value:\"http://support.microsoft.com/kb/2585542\");\n script_xref(name:\"URL\", value:\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/registry_enumerated\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this issue may allow attackers to perform limited\n man-in-the-middle attacks to inject data into the beginning of the application protocol stream to execute HTTP\n transactions, bypass authentication.\");\n\n script_tag(name:\"affected\", value:\"- Microsoft Windows 7 Service Pack 1 and prior\n\n - Microsoft Windows XP Service Pack 3 and prior\n\n - Microsoft Windows 2K3 Service Pack 2 and prior\n\n - Microsoft Windows Vista Service Pack 1/2 and prior\n\n - Microsoft Windows Server 2008 Service Pack 1/2 and prior\");\n\n script_tag(name:\"insight\", value:\"A flaw exists is due to an error in Microsoft Windows SChannel (Secure Channel),\n when modifying the way that the Windows Secure Channel (SChannel) component sends and receives encrypted network packets.\");\n\n script_tag(name:\"solution\", value:\"The vendor has released updates. Please see the references for more information.\");\n\n script_tag(name:\"summary\", value:\"This host is missing an important security update according to\n Microsoft Bulletin MS12-006.\");\n\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:2, win2008:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath){\n exit(0);\n}\n\nif(hotfix_check_sp(win2003:3) > 0)\n{\n if(hotfix_missing(name:\"2585542\") == 1)\n {\n sysVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Schannel.dll\");\n if(sysVer)\n {\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.2.3790.4935\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n }\n else if(hotfix_missing(name:\"2638806\") == 1)\n {\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n}\n\nif(hotfix_missing(name:\"2585542\") == 0){\n exit(0);\n}\n\nsysVer = fetch_file_version(sysPath:sysPath, file_name:\"system32\\Schannel.dll\");\nif(!sysVer){\n exit(0);\n}\n\nif(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 3\" >< SP)\n {\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.6175\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n SP = get_kb_item(\"SMB/WinVista/ServicePack\");\n if(!SP){\n SP = get_kb_item(\"SMB/Win2008/ServicePack\");\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n if(version_in_range(version:sysVer, test_version:\"6.0.6002.18000\", test_version2:\"6.0.6002.18540\")||\n version_in_range(version:sysVer, test_version:\"6.0.6002.22000\", test_version2:\"6.0.6002.22741\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n exit(0);\n }\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n if(version_is_less(version:sysVer, test_version:\"6.1.7600.16915\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7600.21000\", test_version2:\"6.1.7600.21091\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.17000\", test_version2:\"6.1.7601.17724\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.21000\", test_version2:\"6.1.7601.21860\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:07:05", "description": "This host is missing an important security update according to\n Microsoft Bulletin MS12-006.", "cvss3": {}, "published": "2012-01-11T00:00:00", "type": "openvas", "title": "Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:902900", "href": "http://plugins.openvas.org/nasl.php?oid=902900", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: secpod_ms12-006.nasl 8276 2018-01-03 12:29:18Z asteins $\n#\n# Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright (c) 2012 SecPod, http://www.secpod.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation of this issue may allow attackers to perform limited\n man-in-the-middle attacks to inject data into the beginning of the\n application protocol stream to execute HTTP transactions, bypass\n authentication.\n Impact Level: Windows\";\ntag_affected = \"Microsoft Windows 7 Service Pack 1 and prior.\n Microsoft Windows XP Service Pack 3 and prior.\n Microsoft Windows 2K3 Service Pack 2 and prior.\n Microsoft Windows Vista Service Pack 1/2 and prior.\n Microsoft Windows Server 2008 Service Pack 1/2 and prior.\";\ntag_insight = \"A flaw exists is due to an error in Microsoft Windows SChannel (Secure Channel),\n when modifying the way that the Windows Secure Channel (SChannel) component\n sends and receives encrypted network packets.\";\ntag_solution = \"Run Windows Update and update the listed hotfixes or download and\n update mentioned hotfixes in the advisory from the below link,\n http://technet.microsoft.com/en-us/security/bulletin/ms12-006\";\ntag_summary = \"This host is missing an important security update according to\n Microsoft Bulletin MS12-006.\";\n\nif(description)\n{\n script_id(902900);\n script_version(\"$Revision: 8276 $\");\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 13:29:18 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-11 09:47:46 +0530 (Wed, 11 Jan 2012)\");\n script_name(\"Microsoft Windows SSL/TLS Information Disclosure Vulnerability (2643584)\");\n script_xref(name : \"URL\" , value : \"http://support.microsoft.com/kb/2585542\");\n script_xref(name : \"URL\" , value : \"http://technet.microsoft.com/en-us/security/bulletin/ms12-006\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2012 SecPod\");\n script_family(\"Windows : Microsoft Bulletins\");\n script_dependencies(\"secpod_reg_enum.nasl\");\n script_require_ports(139, 445);\n script_mandatory_keys(\"SMB/WindowsVersion\");\n\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"smb_nt.inc\");\ninclude(\"secpod_reg.inc\");\ninclude(\"version_func.inc\");\ninclude(\"secpod_smb_func.inc\");\n\n\nif(hotfix_check_sp(xp:4, win2003:3, winVista:3, win7:2, win2008:3) <= 0){\n exit(0);\n}\n\nsysPath = smb_get_systemroot();\nif(!sysPath){\n exit(0);\n}\n\n## Windows 2003\nif(hotfix_check_sp(win2003:3) > 0)\n{\n ## Check for Hotfix 2638806 (MS12-006)\n if(hotfix_missing(name:\"2585542\") == 1)\n {\n sysVer = fetch_file_version(sysPath, file_name:\"system32\\Schannel.dll\");\n if(sysVer)\n {\n SP = get_kb_item(\"SMB/Win2003/ServicePack\");\n if(\"Service Pack 2\" >< SP)\n {\n ## Check for Schannel.dll version < 5.2.3790.4935\n if(version_is_less(version:sysVer, test_version:\"5.2.3790.4935\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n }\n }\n else if(hotfix_missing(name:\"2638806\") == 1)\n {\n security_message(0);\n }\n exit(0);\n}\n\n## Check for Hotfix 2585542 (MS12-006)\nif(hotfix_missing(name:\"2585542\") == 0){\n exit(0);\n}\n\n## Get Version from file Schannel.dll\nsysVer = fetch_file_version(sysPath, file_name:\"system32\\Schannel.dll\");\nif(!sysVer){\n exit(0);\n}\n\n## Windows XP\nif(hotfix_check_sp(xp:4) > 0)\n{\n SP = get_kb_item(\"SMB/WinXP/ServicePack\");\n if(\"Service Pack 3\" >< SP)\n {\n ## Check for Schannel.dll version < 5.1.2600.6175\n if(version_is_less(version:sysVer, test_version:\"5.1.2600.6175\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n## Windows Vista and Windows Server 2008\nelse if(hotfix_check_sp(winVista:3, win2008:3) > 0)\n{\n SP = get_kb_item(\"SMB/WinVista/ServicePack\");\n if(!SP){\n SP = get_kb_item(\"SMB/Win2008/ServicePack\");\n }\n\n if(\"Service Pack 2\" >< SP)\n {\n ## Check for Schannel.dll version\n if(version_in_range(version:sysVer, test_version:\"6.0.6002.18000\", test_version2:\"6.0.6002.18540\")||\n version_in_range(version:sysVer, test_version:\"6.0.6002.22000\", test_version2:\"6.0.6002.22741\")){\n security_message(0);\n }\n exit(0);\n }\n security_message(0);\n}\n\n## Windows 7\nelse if(hotfix_check_sp(win7:2) > 0)\n{\n ## Grep for Schannel.dll version\n if(version_is_less(version:sysVer, test_version:\"6.1.7600.16915\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7600.21000\", test_version2:\"6.1.7600.21091\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.17000\", test_version2:\"6.1.7601.17724\") ||\n version_in_range(version:sysVer, test_version:\"6.1.7601.21000\", test_version2:\"6.1.7601.21860\")){\n security_message(0);\n }\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-03T10:58:33", "description": "Check for the Version of nss-softokn", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863692", "href": "http://plugins.openvas.org/nasl.php?oid=863692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-softokn on Fedora 15\";\ntag_insight = \"Network Security Services Softoken Cryptographic Module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\");\n script_id(863692);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:36 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-softokn\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~15.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:46", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864070", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864070", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864070\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:55 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'firefox'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"firefox on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-06T13:06:49", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-05T00:00:00", "id": "OPENVAS:864070", "href": "http://plugins.openvas.org/nasl.php?oid=864070", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 16\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\");\n script_id(864070);\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:55 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-11T11:07:35", "description": "Check for the Version of thunderbird-lightning", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:864037", "href": "http://plugins.openvas.org/nasl.php?oid=864037", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird-lightning on Fedora 16\";\ntag_insight = \"Lightning brings the Sunbird calendar to the popular email client,\n Mozilla Thunderbird. Since it's an extension, Lightning is tightly\n integrated with Thunderbird, allowing it to easily perform email-related\n calendaring tasks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\");\n script_id(864037);\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:04:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird-lightning\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:28", "description": "Check for the Version of nss-util", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-29T00:00:00", "id": "OPENVAS:863691", "href": "http://plugins.openvas.org/nasl.php?oid=863691", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-util on Fedora 15\";\ntag_insight = \"Utilities for Network Security Services and the Softoken module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\");\n script_id(863691);\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:34 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-util\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-08T12:56:31", "description": "Check for the Version of firefox", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for firefox FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:863696", "href": "http://plugins.openvas.org/nasl.php?oid=863696", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for firefox FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"firefox on Fedora 15\";\ntag_insight = \"Mozilla Firefox is an open-source web browser, designed for standards\n compliance, performance and portability.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\");\n script_id(863696);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:48 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for firefox FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of firefox\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"firefox\", rpm:\"firefox~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:57:30", "description": "Check for the Version of thunderbird-lightning", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird-lightning FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:863699", "href": "http://plugins.openvas.org/nasl.php?oid=863699", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird-lightning FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird-lightning on Fedora 15\";\ntag_insight = \"Lightning brings the Sunbird calendar to the popular email client,\n Mozilla Thunderbird. Since it's an extension, Lightning is tightly\n integrated with Thunderbird, allowing it to easily perform email-related\n calendaring tasks.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\");\n script_id(863699);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:55 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for thunderbird-lightning FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird-lightning\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird-lightning\", rpm:\"thunderbird-lightning~1.1~0.1.rc1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-03T10:56:34", "description": "Check for the Version of gnome-python2-extras", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for gnome-python2-extras FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863695", "href": "http://plugins.openvas.org/nasl.php?oid=863695", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for gnome-python2-extras FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"gnome-python2-extras on Fedora 15\";\ntag_insight = \"The gnome-python-extra package contains the source packages for additional\n Python bindings for GNOME. It should be used together with gnome-python.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\");\n script_id(863695);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:46 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for gnome-python2-extras FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of gnome-python2-extras\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"gnome-python2-extras\", rpm:\"gnome-python2-extras~2.25.3~35.fc15.4\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863804", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863804", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863804\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:18:59 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"nss on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863694", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863694", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863694\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:44 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xulrunner'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"xulrunner on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0.1~1.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:39:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863960", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863960", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863960\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:35 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xulrunner'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"xulrunner on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-08T12:56:16", "description": "Check for the Version of nss", "cvss3": {}, "published": "2012-03-19T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-08T00:00:00", "id": "OPENVAS:863804", "href": "http://plugins.openvas.org/nasl.php?oid=863804", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 16\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\");\n script_id(863804);\n script_version(\"$Revision: 8313 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-08 08:02:11 +0100 (Mon, 08 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-19 12:18:59 +0530 (Mon, 19 Mar 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for nss FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~9.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:01", "description": "The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.", "cvss3": {}, "published": "2012-04-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2398-2 (curl)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:136141256231071249", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071249", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2398_2.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2398-2 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71249\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-30 07:55:40 -0400 (Mon, 30 Apr 2012)\");\n script_name(\"Debian Security Advisory DSA 2398-2 (curl)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202398-2\");\n script_tag(name:\"insight\", value:\"cURL is a command-line tool and library for transferring data with URL\nsyntax. It was discovered that the countermeasures against the\nDai/Rogaway chosen-plaintext attack on SSL/TLS (CVE-2011-3389,\nBEAST) cause interoperability issues with some server\nimplementations. This update ads the the CURLOPT_SSL_OPTIONS and\nCURLSSLOPT_ALLOW_BEAST options to the library, and the\n\n - --ssl-allow-beast option to the curl program.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze2.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your curl packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to curl\nannounced via advisory DSA 2398-2.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"curl\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.21.0-2.1+squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:56:45", "description": "Check for the Version of xulrunner", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for xulrunner FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:863960", "href": "http://plugins.openvas.org/nasl.php?oid=863960", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xulrunner FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"xulrunner on Fedora 16\";\ntag_insight = \"XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XPCOM\n applications that are as rich as Firefox and Thunderbird. It provides mechanisms\n for installing, upgrading, and uninstalling these applications. XULRunner also\n provides libxul, a solution which allows the embedding of Mozilla technologies\n in other projects and products.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\");\n script_id(863960);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:35 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for xulrunner FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of xulrunner\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"xulrunner\", rpm:\"xulrunner~9.0~2.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863693\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:39 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'thunderbird'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"thunderbird on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-03T10:58:20", "description": "Check for the Version of thunderbird", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for thunderbird FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:863916", "href": "http://plugins.openvas.org/nasl.php?oid=863916", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for thunderbird FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"thunderbird on Fedora 16\";\ntag_insight = \"Mozilla Thunderbird is a standalone mail and newsgroup client.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\");\n script_id(863916);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:36:17 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for thunderbird FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of thunderbird\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"thunderbird\", rpm:\"thunderbird~9.0~4.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2018-01-02T10:58:29", "description": "Check for the Version of nss-softokn", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-01-02T00:00:00", "id": "OPENVAS:863955", "href": "http://plugins.openvas.org/nasl.php?oid=863955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss-softokn on Fedora 16\";\ntag_insight = \"Network Security Services Softoken Cryptographic Module\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\");\n script_id(863955);\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:13 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17400\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss-softokn\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~14.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:39:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863955", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863955\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:38:13 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-softokn'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"nss-softokn on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~14.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2018-01-02T10:57:46", "description": "Check for the Version of nss", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:863697", "href": "http://plugins.openvas.org/nasl.php?oid=863697", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nss on Fedora 15\";\ntag_insight = \"Network Security Services (NSS) is a set of libraries designed to\n support cross-platform development of security-enabled client and\n server applications. Applications built with NSS can support SSL v2\n and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509\n v3 certificates, and other security standards.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\");\n script_id(863697);\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:51 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name: \"FEDORA\", value: \"2011-17399\");\n script_name(\"Fedora Update for nss FEDORA-2011-17399\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nss\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss\", rpm:\"nss~3.13.1~10.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:56", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "openvas", "title": "Fedora Update for nss-softokn FEDORA-2011-17399", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310863692", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310863692", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-softokn FEDORA-2011-17399\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.863692\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-01-23 11:30:36 +0530 (Mon, 23 Jan 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n script_name(\"Fedora Update for nss-softokn FEDORA-2011-17399\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-softokn'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC15\");\n script_tag(name:\"affected\", value:\"nss-softokn on Fedora 15\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC15\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-softokn\", rpm:\"nss-softokn~3.13.1~15.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-02T21:10:44", "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "openvas", "title": "FreeBSD Ports: fetchmail", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2017-04-25T00:00:00", "id": "OPENVAS:71832", "href": "http://plugins.openvas.org/nasl.php?oid=71832", "sourceData": "#\n#VID 18ce9a90-f269-11e1-be53-080027ef73ec\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from VID 18ce9a90-f269-11e1-be53-080027ef73ec\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: fetchmail\n\nCVE-2011-3389\nThe SSL protocol, as used in certain configurations in Microsoft\nWindows and Microsoft Internet Explorer, Mozilla Firefox, Google\nChrome, Opera, and other products, encrypts data by using CBC mode\nwith chained initialization vectors, which allows man-in-the-middle\nattackers to obtain plaintext HTTP headers via a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java\nURLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST'\nattack.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\n\nif(description)\n{\n script_id(71832);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_cve_id(\"CVE-2011-3389\");\n script_version(\"$Revision: 6022 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-04-25 14:51:04 +0200 (Tue, 25 Apr 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-30 11:34:17 -0400 (Thu, 30 Aug 2012)\");\n script_name(\"FreeBSD Ports: fetchmail\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\nvuln = 0;\ntxt = \"\";\nbver = portver(pkg:\"fetchmail\");\nif(!isnull(bver) && revcomp(a:bver, b:\"6.3.9\")>=0 && revcomp(a:bver, b:\"6.3.22\")<0) {\n txt += \"Package fetchmail version \" + bver + \" is installed which is known to be vulnerable.\\n\";\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt ));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2019-05-29T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-04-02T00:00:00", "type": "openvas", "title": "Fedora Update for nss-util FEDORA-2011-17400", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310864068", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310864068", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nss-util FEDORA-2011-17400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.864068\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 13:06:51 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2011-3389\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n script_name(\"Fedora Update for nss-util FEDORA-2011-17400\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'nss-util'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC16\");\n script_tag(name:\"affected\", value:\"nss-util on Fedora 16\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"nss-util\", rpm:\"nss-util~3.13.1~3.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-01-31T18:38:21", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-10-13T00:00:00", "type": "openvas", "title": "SUSE: Security Advisory for suseRegister (SUSE-SU-2015:0010-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310850791", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310850791", "sourceData": "# Copyright (C) 2015 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.850791\");\n script_version(\"2020-01-31T07:58:03+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 07:58:03 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2015-10-13 15:40:33 +0530 (Tue, 13 Oct 2015)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"SUSE: Security Advisory for suseRegister (SUSE-SU-2015:0010-1)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'suseRegister'\n package(s) announced via the referenced advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"suseRegister was updated to fix one security issue:\n\n * POODLE: Ensure that only TLS is used. (CVE-2014-3566)\n\n Security Issues:\n\n * CVE-2014-3566\");\n\n script_tag(name:\"affected\", value:\"suseRegister on SUSE Linux Enterprise Server 11 SP3\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"SUSE-SU\", value:\"2015:0010-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=SLES11\\.0SP3\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"SLES11.0SP3\") {\n if(!isnull(res = isrpmvuln(pkg:\"suseRegister\", rpm:\"suseRegister~1.4~1.35.1\", rls:\"SLES11.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:43", "description": "Check the version of claws-mail", "cvss3": {}, "published": "2014-11-11T00:00:00", "type": "openvas", "title": "Fedora Update for claws-mail FEDORA-2014-14234", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868471", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868471", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for claws-mail FEDORA-2014-14234\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868471\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-11 06:21:35 +0100 (Tue, 11 Nov 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for claws-mail FEDORA-2014-14234\");\n script_tag(name:\"summary\", value:\"Check the version of claws-mail\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"claws-mail on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-14234\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143135.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"claws-mail\", rpm:\"claws-mail~3.11.1~2.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:20", "description": "Check the version of nodejs", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "openvas", "title": "Fedora Update for nodejs FEDORA-2014-15379", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868604", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868604", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nodejs FEDORA-2014-15379\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868604\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-12-15 05:56:50 +0100 (Mon, 15 Dec 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for nodejs FEDORA-2014-15379\");\n script_tag(name:\"summary\", value:\"Check the version of nodejs\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"nodejs on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-15379\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146233.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"nodejs\", rpm:\"nodejs~0.10.33~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:36:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-01-05T00:00:00", "type": "openvas", "title": "Fedora Update for libetpan FEDORA-2014-14237", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868693", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868693", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libetpan FEDORA-2014-14237\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868693\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-01-05 14:43:16 +0100 (Mon, 05 Jan 2015)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for libetpan FEDORA-2014-14237\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libetpan'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libetpan on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2014-14237\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-January/147485.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libetpan\", rpm:\"libetpan~1.6~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2019-05-29T18:37:19", "description": "Check the version of python-rhsm", "cvss3": {}, "published": "2014-11-07T00:00:00", "type": "openvas", "title": "Fedora Update for python-rhsm FEDORA-2014-13781", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310868454", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310868454", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for python-rhsm FEDORA-2014-13781\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.868454\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-11-07 06:17:16 +0100 (Fri, 07 Nov 2014)\");\n script_cve_id(\"CVE-2014-3566\");\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_name(\"Fedora Update for python-rhsm FEDORA-2014-13781\");\n script_tag(name:\"summary\", value:\"Check the version of python-rhsm\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"python-rhsm on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-13781\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142781.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"python-rhsm\", rpm:\"python-rhsm~1.13.6~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2017-07-24T12:51:51", "description": "Several vulnerabilities were discovered in the TLS/SSL protocol. This\nupdate addresses these protocol vulnerabilities in lighttpd.\n\nCVE-2009-3555 \nMarsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS\nand SSLv3 protocols do not properly associate renegotiation\nhandshakes with an existing connection, which allows man-in-the-middle\nattackers to insert data into HTTPS sessions. This issue is solved\nin lighttpd by disabling client initiated renegotiation by default.\n\nThose users that do actually need such renegotiations, can reenable\nthem via the new ssl.disable-client-renegotiation \nparameter.\n\nCVE-2012-4929Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME \n, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update disables compression.", "cvss3": {}, "published": "2013-02-17T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2626-1 (lighttpd - several issues)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929", "CVE-2009-3555"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892626", "href": "http://plugins.openvas.org/nasl.php?oid=892626", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2626.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2626-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"lighttpd on Debian Linux\";\ntag_insight = \"lighttpd is a small webserver and fast webserver developed with\nsecurity in mind and a lot of features.\nIt has support for\n\n* CGI, FastCGI and SSI\n* virtual hosts\n* URL rewriting\n* authentication (plain files, htpasswd, ldap)\n* transparent content compression\n* conditional configuration\n\nand configuration is straight-forward and easy.\";\ntag_solution = \"For the stable distribution (squeeze), these problems have been fixed in\nversion 1.4.28-2+squeeze1.2.\n\nFor the testing distribution (wheezy), and the unstable distribution (sid)\nthese problems have been fixed in version 1.4.30-1.\n\nWe recommend that you upgrade your lighttpd packages.\";\ntag_summary = \"Several vulnerabilities were discovered in the TLS/SSL protocol. This\nupdate addresses these protocol vulnerabilities in lighttpd.\n\nCVE-2009-3555 \nMarsh Ray, Steve Dispensa, and Martin Rex discovered that the TLS\nand SSLv3 protocols do not properly associate renegotiation\nhandshakes with an existing connection, which allows man-in-the-middle\nattackers to insert data into HTTPS sessions. This issue is solved\nin lighttpd by disabling client initiated renegotiation by default.\n\nThose users that do actually need such renegotiations, can reenable\nthem via the new ssl.disable-client-renegotiation \nparameter.\n\nCVE-2012-4929Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME \n, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update disables compression.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892626);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2012-4929\", \"CVE-2009-3555\");\n script_name(\"Debian Security Advisory DSA 2626-1 (lighttpd - several issues)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-02-17 00:00:00 +0100 (Sun, 17 Feb 2013)\");\n script_tag(name: \"cvss_base\", value:\"5.8\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2626.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"lighttpd\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-doc\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-cml\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-magnet\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-mysql-vhost\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-trigger-b4-dl\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-webdav\", ver:\"1.4.28-2+squeeze1.2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-doc\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-cml\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-magnet\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-mysql-vhost\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-trigger-b4-dl\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"lighttpd-mod-webdav\", ver:\"1.4.30-1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:20:19", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1627-1", "cvss3": {}, "published": "2012-11-09T00:00:00", "type": "openvas", "title": "Ubuntu Update for apache2 USN-1627-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-2687", "CVE-2012-4929"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841209", "href": "http://plugins.openvas.org/nasl.php?oid=841209", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1627_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for apache2 USN-1627-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that the mod_negotiation module incorrectly handled\n certain filenames, which could result in browsers becoming vulnerable to\n cross-site scripting attacks when processing the output. With cross-site\n scripting vulnerabilities, if a user were tricked into viewing server\n output during a crafted server request, a remote attacker could exploit\n this to modify the contents, or steal confidential data (such as\n passwords), within the same domain. (CVE-2012-2687)\n\n It was discovered that the Apache HTTP Server was vulnerable to the "CRIME"\n SSL data compression attack. Although this issue had been mitigated on the\n client with newer web browsers, this update also disables SSL data\n compression on the server. A new SSLCompression directive for Apache has\n been backported that may be used to re-enable SSL data compression in\n certain environments. For more information, please refer to:\n http://httpd.apache.org/docs/2.4/mod/mod_ssl.html\n (CVE-2012-4929)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1627-1\";\ntag_affected = \"apache2 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1627-1/\");\n script_id(841209);\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-11-09 09:34:28 +0530 (Fri, 09 Nov 2012)\");\n script_cve_id(\"CVE-2012-2687\", \"CVE-2012-4929\");\n script_tag(name:\"cvss_base\", value:\"2.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:N/I:P/A:N\");\n script_xref(name: \"USN\", value: \"1627-1\");\n script_name(\"Ubuntu Update for apache2 USN-1627-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-1ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.20-1ubuntu1.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.14-5ubuntu8.10\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.8-1ubuntu0.24\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"apache2.2-common\", ver:\"2.2.22-6ubuntu2.1\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "fedora": [{"lastseen": "2021-06-08T18:40:20", "description": "The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away ", "cvss3": {}, "published": "2014-11-07T02:38:03", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: Pound-2.6-8.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2014-11-07T02:38:03", "id": "FEDORA:4329260E587A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DS4VHIDUQCJJGFBBD6EDKF263EHOPE72/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-06-08T18:40:20", "description": "The Pound program is a reverse proxy, load balancer and HTTPS front-end for Web server(s). Pound was developed to enable distributing the load among several Web-servers and to allow for a convenient SSL wrapper for those Web servers that do not offer it natively. Pound is distributed under the GPL - no warranty, it's free to use, copy and give away ", "cvss3": {}, "published": "2014-11-12T02:45:18", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: Pound-2.6-8.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2014-11-12T02:45:18", "id": "FEDORA:F38FB60CBEE0", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZAJDOXTMDCRZVTWRB7JHPGW72UYM2ZYO/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Lightning brings the Sunbird calendar to the popular email client, Mozilla Thunderbird. Since it's an extension, Lightning is tightly integrated with Thunderbird, allowing it to easily perform email-related calendaring tasks. ", "cvss3": {}, "published": "2012-01-22T05:26:28", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: thunderbird-lightning-1.1-0.1.rc1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:28", "id": "FEDORA:F036720CB7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/7MHCYVAGSDGDA3ICHP3JRNY6VFBEVMMQ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: nss-3.13.1-9.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:5A57F22DE8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IRTGGHXDJHYIL3FC663LSBLO5OD4LCZR/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client. ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: thunderbird-9.0-4.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:7EE8622E3A", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PWZN725HEBEEYDNMDIE2JR7IODTN4C52/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XP COM applications that are as rich as Firefox and Thunderbird. It provides mecha nisms for installing, upgrading, and uninstalling these applications. XULRunner a lso provides libxul, a solution which allows the embedding of Mozilla technolog ies in other projects and products. ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: xulrunner-9.0-2.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:6BF3822E23", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/XGVZICHPHRQZESNBTP4D2TG62XEWWJQO/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Network Security Services Softoken Cryptographic Module ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: nss-softokn-3.13.1-14.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:4857E22DBD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/KQC6VQJGLQNIEY2H46I355RUE3F2WGMS/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Mozilla Thunderbird is a standalone mail and newsgroup client. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: thunderbird-9.0-4.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:2490220CD3", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LSZOLEY5KNHGQIWNLVWNYWFLBFKP4MJJ/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Utilities for Network Security Services and the Softoken module ", "cvss3": {}, "published": "2012-01-22T05:26:28", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: nss-util-3.13.1-3.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:28", "id": "FEDORA:E779120CA7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZMYWPEAI2LNRMC4RW4STDBUAF2Q3MMDR/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "The gnome-python-extra package contains the source packages for additional Python bindings for GNOME. It should be used together with gnome-python. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: gnome-python2-extras-2.25.3-35.fc15.4", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:4053B20CDA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/3JWZDDDQJSSIXZF7LSKXOW7XNWZ4DIXS/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "XULRunner is a Mozilla runtime package that can be used to bootstrap XUL+XP COM applications that are as rich as Firefox and Thunderbird. It provides mecha nisms for installing, upgrading, and uninstalling these applications. XULRunner a lso provides libxul, a solution which allows the embedding of Mozilla technolog ies in other projects and products. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: xulrunner-9.0.1-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:37BAE20CD9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/QTS2JLT6EQPLKIIJK7H52AJEKYT5PJEC/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management (malloc and free) and shared library linking. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: nspr-4.8.9-2.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:1AC5420CC5", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OUQF77I5YB5BDPTPQLSIM2YRNMAVQ7ZN/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Utilities for Network Security Services and the Softoken module ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: nss-util-3.13.1-3.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:5191B22DC7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EZG5KM7COWAO75MTB5GBTQ3TT7NLS6QK/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Lightning brings the Sunbird calendar to the popular email client, Mozilla Thunderbird. Since it's an extension, Lightning is tightly integrated with Thunderbird, allowing it to easily perform email-related calendaring tasks. ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: thunderbird-lightning-1.1-0.1.rc1.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:62E9022DEA", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/GPD4F7P65W426WJFRGLI2THK5I72CNU6/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. ", "cvss3": {}, "published": "2011-12-23T03:31:27", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: firefox-9.0-3.fc16", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-23T03:31:27", "id": "FEDORA:7617922E25", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DQESYE3NXWTHYFMEWIVBD2WQR4YJ6AAI/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Network Security Services Softoken Cryptographic Module ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: nss-softokn-3.13.1-15.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:04F1C20CB8", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SAIWKNK2HABOZM5EUNKJIYDEGQJL4ODA/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications. Applications built with NSS can support SSL v2 and v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and other security standards. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: nss-3.13.1-10.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:1262420CBE", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/UQ32QJNRBMYD5IKAKOE5AEHQ2AN6742J/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:50", "description": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance and portability. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: firefox-9.0.1-1.fc15", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:2F07020CD7", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/MATF4XL6GA3NXAJK5SSXGM7BKFLOOSKU/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-06-08T18:43:39", "description": "This module allows you to use the Mozilla embedding widget from Perl. ", "cvss3": {}, "published": "2012-01-22T05:26:29", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: perl-Gtk2-MozEmbed-0.09-1.fc15.8", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-01-22T05:26:29", "id": "FEDORA:48FBB20CE9", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/ZXIJBI55KKLMYVV3LZSEEX5GBCQMYM3C/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "A small library for communicating with the REST interface of a Red Hat Unif ied Entitlement Platform. This interface is used for the management of system entitlements, certificates, and access to content. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2014-11-10T06:34:40", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: python-rhsm-1.13.6-1.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2014-11-10T06:34:40", "id": "FEDORA:D241A60EFAEF", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DOUE55V5PPKTBCTMQMJUXHFHIOCPJ6E7/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "The purpose of this mail library is to provide a portable, efficient middle -ware for different kinds of mail access. When using the drivers interface, the interface is the same for all kinds of mail access, remote and local mailbo xes. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2014-11-10T06:34:14", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: libetpan-1.6-1.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2014-11-10T06:34:14", "id": "FEDORA:13EED60DC938", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JDH2E76U2J6PKXG2MZP5OFA3BU5MXS6U/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "libuv is a new platform layer for Node. Its purpose is to abstract IOCP on Windows and libev on Unix systems. We intend to eventually contain all plat form differences in this library. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2014-12-15T04:31:42", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: libuv-0.10.29-1.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2014-12-15T04:31:42", "id": "FEDORA:58A826087D72", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/2JNEZJY755ZX2OZM3TFQCVEBVGX43DWW/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Asterisk is a complete PBX in software. It runs on Linux and provides all of the features you would expect from a PBX and more. Asterisk does voice over IP in three protocols, and can interoperate with almost all standards-based telephony equipment using relatively inexpensive hardware. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2014-12-12T04:30:25", "type": "fedora", "title": "[SECURITY] Fedora 21 Update: asterisk-11.14.1-1.fc21", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2014-12-12T04:30:25", "id": "FEDORA:561B260CE121", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/HPIKK2IRIR4WQRII6M6WZHHFDTZSN3CE/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Additional plugins for Claws Mail. ", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2014-11-10T06:30:28", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: claws-mail-plugins-3.11.1-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2014-11-10T06:30:28", "id": "FEDORA:0FE8860E4374", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/EOK5QRXIGC4YKWBDGZOUK4UNDS64SYJ4/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "nessus": [{"lastseen": "2023-05-18T14:25:00", "description": "Backport various security fixes. Note they usually are extra options that need to be enabled manually so that we won't break functionality :\n\n - CVE-2011-3389: Make it possible to deny use of 'BEAST' vulnerable ciphers\n\n - CVE-2012-4929: Disable compression to be safe from 'CRIME'\n\n - CVE-2005-2090: Chunked encofing response splitting (no awkward name here)\n\n - CVE-2014-3566: Allow disabling SSLv3 (and others), to be safe from 'POODLE'\n\n - A redirect XSS fix\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-11-12T00:00:00", "type": "nessus", "title": "Fedora 20 : Pound-2.6-8.fc20 (2014-13777)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-2090", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pound", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-13777.NASL", "href": "https://www.tenable.com/plugins/nessus/79192", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-13777.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79192);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(49778, 55704, 70574);\n script_xref(name:\"FEDORA\", value:\"2014-13777\");\n\n script_name(english:\"Fedora 20 : Pound-2.6-8.fc20 (2014-13777)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backport various security fixes. Note they usually are extra options\nthat need to be enabled manually so that we won't break \nfunctionality :\n\n - CVE-2011-3389: Make it possible to deny use of 'BEAST'\n vulnerable ciphers\n\n - CVE-2012-4929: Disable compression to be safe from\n 'CRIME'\n\n - CVE-2005-2090: Chunked encofing response splitting (no\n awkward name here)\n\n - CVE-2014-3566: Allow disabling SSLv3 (and others), to\n be safe from 'POODLE'\n\n - A redirect XSS fix\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/143507.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f6b51c45\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected Pound package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:Pound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"Pound-2.6-8.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Pound\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T14:17:41", "description": "Backport various security fixes. Note they usually are extra options that need to be enabled manually so that we won't break functionality :\n\n - CVE-2011-3389: Make it possible to deny use of 'BEAST' vulnerable ciphers\n\n - CVE-2012-4929: Disable compression to be safe from 'CRIME'\n\n - CVE-2005-2090: Chunked encofing response splitting (no awkward name here)\n\n - CVE-2014-3566: Allow disabling SSLv3 (and others), to be safe from 'POODLE'\n\n - A redirect XSS fix\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-11-07T00:00:00", "type": "nessus", "title": "Fedora 19 : Pound-2.6-8.fc19 (2014-13764)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-2090", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:pound", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-13764.NASL", "href": "https://www.tenable.com/plugins/nessus/78902", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-13764.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78902);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(55704, 70574);\n script_xref(name:\"FEDORA\", value:\"2014-13764\");\n\n script_name(english:\"Fedora 19 : Pound-2.6-8.fc19 (2014-13764)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Backport various security fixes. Note they usually are extra options\nthat need to be enabled manually so that we won't break \nfunctionality :\n\n - CVE-2011-3389: Make it possible to deny use of 'BEAST'\n vulnerable ciphers\n\n - CVE-2012-4929: Disable compression to be safe from\n 'CRIME'\n\n - CVE-2005-2090: Chunked encofing response splitting (no\n awkward name here)\n\n - CVE-2014-3566: Allow disabling SSLv3 (and others), to\n be safe from 'POODLE'\n\n - A redirect XSS fix\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-November/142795.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a021109f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected Pound package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:Pound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"Pound-2.6-8.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Pound\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:02", "description": "This update fixes certain known vulnerabilities in pound in squeeze-lts by backporting the version in wheezy.\n\nCVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS) 3.12.4 and earlier, multiple Cisco products, and other products, does not properly associate renegotiation handshakes with an existing connection, which allows man-in-the-middle attackers to insert data into HTTPS sessions, and possibly other types of sessions protected by TLS or SSL, by sending an unauthenticated request that is processed retroactively by a server in a post-renegotiation context, related to a 'plaintext injection' attack, aka the 'Project Mogul' issue.\n\nCVE-2011-3389 The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a 'BEAST' attack.\n\nCVE-2012-4929 The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a 'CRIME' attack.\n\nCVE-2014-3566 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the 'POODLE' issue.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2016-01-25T00:00:00", "type": "nessus", "title": "Debian DLA-400-1 : pound security update (BEAST) (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pound", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-400.NASL", "href": "https://www.tenable.com/plugins/nessus/88107", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-400-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88107);\n script_version(\"2.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2009-3555\",\n \"CVE-2011-3389\",\n \"CVE-2012-4929\",\n \"CVE-2014-3566\"\n );\n script_bugtraq_id(\n 36935,\n 49388,\n 49778,\n 55704,\n 70574\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Debian DLA-400-1 : pound security update (BEAST) (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update fixes certain known vulnerabilities in pound in\nsqueeze-lts by backporting the version in wheezy.\n\nCVE-2009-3555 The TLS protocol, and the SSL protocol 3.0 and possibly\nearlier, as used in Microsoft Internet Information Services (IIS) 7.0,\nmod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before\n0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Security Services\n(NSS) 3.12.4 and earlier, multiple Cisco products, and other products,\ndoes not properly associate renegotiation handshakes with an existing\nconnection, which allows man-in-the-middle attackers to insert data\ninto HTTPS sessions, and possibly other types of sessions protected by\nTLS or SSL, by sending an unauthenticated request that is processed\nretroactively by a server in a post-renegotiation context, related to\na 'plaintext injection' attack, aka the 'Project Mogul' issue.\n\nCVE-2011-3389 The SSL protocol, as used in certain configurations in\nMicrosoft Windows and Microsoft Internet Explorer, Mozilla Firefox,\nGoogle Chrome, Opera, and other products, encrypts data by using CBC\nmode with chained initialization vectors, which allows\nman-in-the-middle attackers to obtain plaintext HTTP headers via a\nblockwise chosen-boundary attack (BCBA) on an HTTPS session, in\nconjunction with JavaScript code that uses (1) the HTML5 WebSocket\nAPI, (2) the Java URLConnection API, or (3) the Silverlight WebClient\nAPI, aka a 'BEAST' attack.\n\nCVE-2012-4929 The TLS protocol 1.2 and earlier, as used in Mozilla\nFirefox, Google Chrome, Qt, and other products, can encrypt compressed\ndata without properly obfuscating the length of the unencrypted data,\nwhich allows man-in-the-middle attackers to obtain plaintext HTTP\nheaders by observing length differences during a series of guesses in\nwhich a string in an HTTP request potentially matches an unknown\nstring in an HTTP header, aka a 'CRIME' attack.\n\nCVE-2014-3566 The SSL protocol 3.0, as used in OpenSSL through 1.0.1i\nand other products, uses nondeterministic CBC padding, which makes it\neasier for man-in-the-middle attackers to obtain cleartext data via a\npadding-oracle attack, aka the 'POODLE' issue.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://lists.debian.org/debian-lts-announce/2016/01/msg00025.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/squeeze-lts/pound\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the affected pound package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"pound\", reference:\"2.6-1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:13:11", "description": "Pound, a HTTP reverse proxy and load balancer, had several issues related to vulnerabilities in the Secure Sockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually possible to disable client-initiated renegotiation and disables it by default (CVE-2009-3555 ). TLS compression is disabled (CVE-2012-4929 ), although this is normally already disabled by the OpenSSL system library. Finally it adds the ability to disable the SSLv3 protocol (CVE-2014-3566 ) entirely via the new 'DisableSSLv3' configuration directive, although it will not disabled by default in this update. Additionally a non-security sensitive issue in redirect encoding is addressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release, with the exception of client-initiated renegotiation (CVE-2009-3555 ). This update addresses that issue for jessie.", "cvss3": {}, "published": "2015-05-11T00:00:00", "type": "nessus", "title": "Debian DSA-3253-1 : pound - security update (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2009-3555", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:pound", "cpe:/o:debian:debian_linux:7.0", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DSA-3253.NASL", "href": "https://www.tenable.com/plugins/nessus/83306", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3253. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83306);\n script_version(\"2.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-3555\", \"CVE-2012-4929\", \"CVE-2014-3566\");\n script_bugtraq_id(36935, 55704, 70574);\n script_xref(name:\"DSA\", value:\"3253\");\n\n script_name(english:\"Debian DSA-3253-1 : pound - security update (POODLE)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Pound, a HTTP reverse proxy and load balancer, had several issues\nrelated to vulnerabilities in the Secure Sockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it\nactually possible to disable client-initiated renegotiation and\ndisables it by default (CVE-2009-3555 ). TLS compression is disabled\n(CVE-2012-4929 ), although this is normally already disabled by the\nOpenSSL system library. Finally it adds the ability to disable the\nSSLv3 protocol (CVE-2014-3566 ) entirely via the new 'DisableSSLv3'\nconfiguration directive, although it will not disabled by default in\nthis update. Additionally a non-security sensitive issue in redirect\nencoding is addressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the\nrelease, with the exception of client-initiated renegotiation\n(CVE-2009-3555 ). This update addresses that issue for jessie.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=723731\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=727197\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765539\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765649\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-4929\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2014-3566\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2009-3555\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/pound\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/pound\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2015/dsa-3253\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the pound packages.\n\nFor the oldstable distribution (wheezy), these problems have been\nfixed in version 2.6-2+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed\nin version 2.6-6+deb8u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:pound\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/11/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"pound\", reference:\"2.6-2+deb7u1\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"pound\", reference:\"2.6-6+deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:16", "description": "According to its self-reported version number, the instance of Apache Tomcat listening on the remote host is 5.0.x equal to or prior to 5.0.30 or 5.5.x prior to 5.5.23. It is, therefore, affected by an HTTP request smuggling vulnerability.\n\nRequests containing multiple 'content-length' headers are not rejected as invalid. This error can allow web-cache poisoning, cross-site scripting attacks and information disclosure.\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2011-11-18T00:00:00", "type": "nessus", "title": "Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP Request Smuggling", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-2090"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_5_5_23.NASL", "href": "https://www.tenable.com/plugins/nessus/17727", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17727);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2005-2090\");\n script_bugtraq_id(13873);\n\n script_name(english:\"Apache Tomcat 5.0.x <= 5.0.30 / 5.5.x < 5.5.23 Content-Length HTTP Request Smuggling\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an HTTP request smuggling\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the instance of Apache\nTomcat listening on the remote host is 5.0.x equal to or prior to\n5.0.30 or 5.5.x prior to 5.5.23. It is, therefore, affected by an HTTP\nrequest smuggling vulnerability.\n\nRequests containing multiple 'content-length' headers are not rejected\nas invalid. This error can allow web-cache poisoning, cross-site\nscripting attacks and information disclosure.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.23,_5.0.SVN\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bb925ad2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://marc.info/?l=tomcat-dev&m=120155101522062&w=2\");\n script_set_attribute(attribute:\"see_also\", value:\"http://marc.info/?l=tomcat-dev&m=117270879831613&w=2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 5.5.23 or later. Alternatively, use\nthe latest SVN source for 5.0.x. SVN revision number 513079 fixes the\nissue.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2005-2090\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\n# nb: 5.0.30 was the last 5.0.x and thus all 5.0.x are vuln\ntomcat_check_version(fixed:\"5.5.23\", min:\"5.0.0\", severity:SECURITY_WARNING, xss:TRUE, granularity_regex:\"^5(\\.5)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:29:49", "description": "Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer Security (TLS) protocol when it is used with data compression. If an attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. This update disables TLS data compression in Qt by default.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-11-09T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : qt4-x11 vulnerability (USN-1628-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libqt4-network", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts"], "id": "UBUNTU_USN-1628-1.NASL", "href": "https://www.tenable.com/plugins/nessus/62870", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1628-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62870);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-4929\");\n script_bugtraq_id(55704);\n script_xref(name:\"USN\", value:\"1628-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS : qt4-x11 vulnerability (USN-1628-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Juliano Rizzo and Thai Duong discovered a flaw in the Transport Layer\nSecurity (TLS) protocol when it is used with data compression. If an\nattacker were able to perform a man-in-the-middle attack, this flaw\ncould be exploited to view sensitive information. This update disables\nTLS data compression in Qt by default.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1628-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt4-network package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libqt4-network\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.10|12\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libqt4-network\", pkgver:\"4:4.6.2-0ubuntu5.5\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libqt4-network\", pkgver:\"4:4.7.4-0ubuntu8.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libqt4-network\", pkgver:\"4:4.8.1-0ubuntu4.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4-network\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:11", "description": "This update of libqt4 disabled compression to mitigate the CRIME attack.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libqt4 (openSUSE-SU-2012:1420-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libqt4", "p-cpe:/a:novell:opensuse:libqt4-32bit", "p-cpe:/a:novell:opensuse:libqt4-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-debugsource", "p-cpe:/a:novell:opensuse:libqt4-devel", "p-cpe:/a:novell:opensuse:libqt4-devel-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-devel-doc-data", "p-cpe:/a:novell:opensuse:libqt4-devel-doc-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql", "p-cpe:/a:novell:opensuse:libqt4-devel-doc-debugsource", "p-cpe:/a:novell:opensuse:libqt4-private-headers-devel", "p-cpe:/a:novell:opensuse:libqt4-qt3support", "p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit", "p-cpe:/a:novell:opensuse:libqt4-qt3support-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql-32bit", "p-cpe:/a:novell:opensuse:libqt4-qt3support-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-mysql", "p-cpe:/a:novell:opensuse:libqt4-sql-plugins-debugsource", "p-cpe:/a:novell:opensuse:libqt4-sql-postgresql", "p-cpe:/a:novell:opensuse:libqt4-sql-mysql-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-postgresql-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-postgresql-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql-mysql-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql-postgresql-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite", "p-cpe:/a:novell:opensuse:libqt4-sql-mysql-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql-sqlite-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-unixodbc", "p-cpe:/a:novell:opensuse:libqt4-sql-unixodbc-32bit", "p-cpe:/a:novell:opensuse:libqt4-sql-unixodbc-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-sql-unixodbc-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libqt4-x11", "p-cpe:/a:novell:opensuse:libqt4-x11-32bit", "p-cpe:/a:novell:opensuse:libqt4-x11-debuginfo", "p-cpe:/a:novell:opensuse:libqt4-x11-debuginfo-32bit", "p-cpe:/a:novell:opensuse:qt4-x11-tools", "p-cpe:/a:novell:opensuse:qt4-x11-tools-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2012-751.NASL", "href": "https://www.tenable.com/plugins/nessus/74796", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-751.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74796);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4929\");\n\n script_name(english:\"openSUSE Security Update : libqt4 (openSUSE-SU-2012:1420-1)\");\n script_summary(english:\"Check for the openSUSE-2012-751 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of libqt4 disabled compression to mitigate the CRIME\nattack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-10/msg00096.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libqt4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel-doc-data\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel-doc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-devel-doc-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-private-headers-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-qt3support-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-mysql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-mysql-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-plugins-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-postgresql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-postgresql-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-sqlite-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-unixODBC\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-unixODBC-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-unixODBC-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-sql-unixODBC-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libqt4-x11-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qt4-x11-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:qt4-x11-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-debugsource-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-devel-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-devel-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-devel-doc-data-4.8.1-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-devel-doc-debuginfo-4.8.1-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-devel-doc-debugsource-4.8.1-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-private-headers-devel-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-qt3support-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-qt3support-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-mysql-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-mysql-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-plugins-debugsource-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-postgresql-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-postgresql-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-sqlite-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-sqlite-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-unixODBC-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-sql-unixODBC-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-x11-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libqt4-x11-debuginfo-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"qt4-x11-tools-4.8.1-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"qt4-x11-tools-debuginfo-4.8.1-2.4.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-qt3support-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-mysql-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-mysql-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-postgresql-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-postgresql-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-unixODBC-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-sql-unixODBC-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.8.1-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libqt4-x11-debuginfo-32bit-4.8.1-2.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libqt4-devel-doc-data / libqt4-devel-doc-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:22:48", "description": "The TLS protocol 1.2 and earlier can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext content by observing length differences during a series of guesses in which a provided string potentially matches an unknown string in encrypted and compressed traffic. This is known as a CRIME attack in HTTP. Other protocols layered on top of TLS may also make these attacks practical.\n\nThis update disables compression for all programs using SSL and TLS provided by the OpenSSL library. To re-enable compression for programs that need compression to communicate with legacy services, define the variable OPENSSL_DEFAULT_ZLIB in the program's environment.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-07-05T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : openssl vulnerability (USN-1898-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8", "p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10", "cpe:/o:canonical:ubuntu_linux:13.04"], "id": "UBUNTU_USN-1898-1.NASL", "href": "https://www.tenable.com/plugins/nessus/67189", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1898-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(67189);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2012-4929\");\n script_bugtraq_id(55704);\n script_xref(name:\"USN\", value:\"1898-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : openssl vulnerability (USN-1898-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The TLS protocol 1.2 and earlier can encrypt compressed data without\nproperly obfuscating the length of the unencrypted data, which allows\nman-in-the-middle attackers to obtain plaintext content by observing\nlength differences during a series of guesses in which a provided\nstring potentially matches an unknown string in encrypted and\ncompressed traffic. This is known as a CRIME attack in HTTP. Other\nprotocols layered on top of TLS may also make these attacks practical.\n\nThis update disables compression for all programs using SSL and TLS\nprovided by the OpenSSL library. To re-enable compression for programs\nthat need compression to communicate with legacy services, define the\nvariable OPENSSL_DEFAULT_ZLIB in the program's environment.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1898-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libssl0.9.8 and / or libssl1.0.0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl0.9.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libssl1.0.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:13.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|12\\.04|12\\.10|13\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 12.04 / 12.10 / 13.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libssl0.9.8\", pkgver:\"0.9.8k-7ubuntu8.15\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1-4ubuntu5.10\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1c-3ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"13.04\", pkgname:\"libssl1.0.0\", pkgver:\"1.0.1c-4ubuntu8.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libssl0.9.8 / libssl1.0.0\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:30:06", "description": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data. This allows man-in-the-middle attackers to obtain plain text HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, also referred to as a CRIME attack. (CVE-2012-4929)\n\nImpact\n\nConnections to the BIG-IP Configuration utility are at risk.\n\nNote: BIG-IP SSL profiles are not affected.", "cvss3": {}, "published": "2014-10-10T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : CRIME vulnerability via TLS 1.2 protocol (K14054)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2021-03-10T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_wan_optimization_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip", "cpe:/h:f5:big-ip_protocol_security_manager"], "id": "F5_BIGIP_SOL14054.NASL", "href": "https://www.tenable.com/plugins/nessus/78139", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K14054.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(78139);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\"CVE-2012-4929\");\n script_bugtraq_id(55704);\n\n script_name(english:\"F5 Networks BIG-IP : CRIME vulnerability via TLS 1.2 protocol (K14054)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google\nChrome, and other products, can encrypt compressed data without\nproperly obfuscating the length of the unencrypted data. This allows\nman-in-the-middle attackers to obtain plain text HTTP headers by\nobserving length differences during a series of guesses in which a\nstring in an HTTP request potentially matches an unknown string in an\nHTTP header, also referred to as a CRIME attack. (CVE-2012-4929)\n\nImpact\n\nConnections to the BIG-IP Configuration utility are at risk.\n\nNote: BIG-IP SSL profiles are not affected.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K14054\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K14054.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_wan_optimization_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip_protocol_security_manager\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/09/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/12/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K14054\";\nvmatrix = make_array();\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.3\",\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.0-9.4.8\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.3\",\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.0-9.4.8\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.3\",\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.2-9.4.8\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.3\",\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.0-9.4.8\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.3\",\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.0.0-9.4.8\");\n\n# PSM\nvmatrix[\"PSM\"] = make_array();\nvmatrix[\"PSM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"PSM\"][\"unaffected\"] = make_list(\"13.0.0-13.1.0\",\"12.0.0-12.1.3\",\"11.3.0-11.6.3\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.0-9.4.8\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"11.3.0\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.0-9.4.8\");\n\n# WOM\nvmatrix[\"WOM\"] = make_array();\nvmatrix[\"WOM\"][\"affected\" ] = make_list(\"11.0.0-11.2.1\",\"10.1.0-10.2.4\");\nvmatrix[\"WOM\"][\"unaffected\"] = make_list(\"11.3.0\",\"11.2.1HF4\",\"11.2.0HF4\",\"11.1.0HF6\",\"10.2.4HF6\",\"10.0.0-10.0.1\",\"9.2.0-9.4.8\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_note(port:0, extra:bigip_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:38", "description": "This update disables compression in openssl by default, as the varying sizes resulting from compression can be used to retrieve plaintext in various cases. (CRIME attack CVE-2012-4929).\n\nThis update introduces a environment variable OPENSSL_NO_DEFAULT_ZLIB which can be set to 'no' to reenable compression in selected services.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : openssl (openSUSE-SU-2013:1630-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libopenssl-devel", "p-cpe:/a:novell:opensuse:libopenssl-devel-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo", "p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit", "p-cpe:/a:novell:opensuse:openssl", "p-cpe:/a:novell:opensuse:openssl-debuginfo", "p-cpe:/a:novell:opensuse:openssl-debugsource", "cpe:/o:novell:opensuse:12.2", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-818.NASL", "href": "https://www.tenable.com/plugins/nessus/75185", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-818.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75185);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4929\");\n\n script_name(english:\"openSUSE Security Update : openssl (openSUSE-SU-2013:1630-1)\");\n script_summary(english:\"Check for the openSUSE-2013-818 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update disables compression in openssl by default, as the varying\nsizes resulting from compression can be used to retrieve plaintext in\nvarious cases. (CRIME attack CVE-2012-4929).\n\nThis update introduces a environment variable OPENSSL_NO_DEFAULT_ZLIB\nwhich can be set to 'no' to reenable compression in selected services.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=793420\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-11/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openssl packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libopenssl1_0_0-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:openssl-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libopenssl-devel-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libopenssl1_0_0-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libopenssl1_0_0-debuginfo-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"openssl-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"openssl-debuginfo-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"openssl-debugsource-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1e-2.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libopenssl-devel-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libopenssl1_0_0-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"libopenssl1_0_0-debuginfo-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"openssl-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"openssl-debuginfo-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"openssl-debugsource-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libopenssl-devel-32bit-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-32bit-1.0.1e-1.13.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", cpu:\"x86_64\", reference:\"libopenssl1_0_0-debuginfo-32bit-1.0.1e-1.13.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:18:30", "description": "libqt4 has been updated to fix the 'CRIME' attack where compression using SSL connections have side-channel attacks to leak plaintext or cryptographic keys.\n\nCompression has been disabled to mitigate the CRIME attack.\n(CVE-2012-4929)", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.2 Security Update : Qt4 (SAT Patch Number 6935)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libqtwebkit4", "p-cpe:/a:novell:suse_linux:11:libqtwebkit4-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4", "p-cpe:/a:novell:suse_linux:11:libqt4-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-qt3support", "p-cpe:/a:novell:suse_linux:11:libqt4-qt3support-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-mysql", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-mysql-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-postgresql", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-postgresql-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-unixodbc", "p-cpe:/a:novell:suse_linux:11:libqt4-sql-unixodbc-32bit", "p-cpe:/a:novell:suse_linux:11:libqt4-x11", "p-cpe:/a:novell:suse_linux:11:libqt4-x11-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBQTWEBKIT-DEVEL-121010.NASL", "href": "https://www.tenable.com/plugins/nessus/64192", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64192);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-4929\");\n\n script_name(english:\"SuSE 11.2 Security Update : Qt4 (SAT Patch Number 6935)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libqt4 has been updated to fix the 'CRIME' attack where compression\nusing SSL connections have side-channel attacks to leak plaintext or\ncryptographic keys.\n\nCompression has been disabled to mitigate the CRIME attack.\n(CVE-2012-4929)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=779952\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4929.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6935.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libQtWebKit4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libQtWebKit4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-qt3support\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-qt3support-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-mysql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-postgresql-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-sqlite-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-unixODBC\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-sql-unixODBC-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libqt4-x11-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 2) audit(AUDIT_OS_NOT, \"SuSE 11.2\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libQtWebKit4-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-qt3support-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-sql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-sql-mysql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-sql-postgresql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-sql-sqlite-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-sql-unixODBC-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"i586\", reference:\"libqt4-x11-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libQtWebKit4-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libQtWebKit4-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-qt3support-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-mysql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-mysql-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-postgresql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-postgresql-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-sqlite-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-unixODBC-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-unixODBC-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-x11-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libQtWebKit4-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libqt4-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libqt4-qt3support-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libqt4-sql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libqt4-sql-mysql-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libqt4-sql-sqlite-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, reference:\"libqt4-x11-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libQtWebKit4-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libqt4-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libqt4-qt3support-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libqt4-sql-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"s390x\", reference:\"libqt4-x11-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libQtWebKit4-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-qt3support-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-sql-32bit-4.6.3-5.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:2, cpu:\"x86_64\", reference:\"libqt4-x11-32bit-4.6.3-5.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:33:59", "description": "Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL protocol when using compression. This side channel attack, dubbed'CRIME', allows eavesdroppers to gather information to recover the original plaintext in the protocol. This update to nginx disables SSL compression.", "cvss3": {}, "published": "2013-02-18T00:00:00", "type": "nessus", "title": "Debian DSA-2627-1 : nginx - information leak", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:nginx", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2627.NASL", "href": "https://www.tenable.com/plugins/nessus/64663", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2627. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64663);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-4929\");\n script_bugtraq_id(55704);\n script_xref(name:\"DSA\", value:\"2627\");\n\n script_name(english:\"Debian DSA-2627-1 : nginx - information leak\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Juliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack,\ndubbed'CRIME', allows eavesdroppers to gather information to recover\nthe original plaintext in the protocol. This update to nginx disables\nSSL compression.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700426\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/nginx\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2627\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the nginx packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.7.67-3+squeeze3.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:nginx\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"nginx\", reference:\"0.7.67-3+squeeze3\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"nginx-dbg\", reference:\"0.7.67-3+squeeze3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:deb_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:25:44", "description": "NSS_NSPR_JSS 3.13.1 Solaris_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.\nDate this patch was last updated by Sun : Feb/08/12", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (x86) : 125359-15 (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:125359", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_X86_125359-15.NASL", "href": "https://www.tenable.com/plugins/nessus/107926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107926);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Solaris 10 (x86) : 125359-15 (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 125359-15\");\n script_set_attribute(attribute:\"description\", value:\n\"NSS_NSPR_JSS 3.13.1 Solaris_x86: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.\nDate this patch was last updated by Sun : Feb/08/12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://getupdates.oracle.com/readme/125359-15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install patch 125359-15 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:125359\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"i386\") audit(AUDIT_ARCH_NOT, \"i386\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWjss\", version:\"4.2.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWpr\", version:\"4.6.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWprd\", version:\"4.6.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtls\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtlsd\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10_x86\", arch:\"i386\", patch:\"125359-15\", obsoleted_by:\"\", package:\"SUNWtlsu\", version:\"3.11.4,REV=2006.11.16.21.41\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjss / SUNWpr / SUNWprd / SUNWtls / SUNWtlsd / SUNWtlsu\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:27:44", "description": "Matthias Andree reports :\n\nFetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL) which contains a switch to disable a countermeasure against certain attacks against block ciphers that permit guessing the initialization vectors, providing that an attacker can make the application (fetchmail) encrypt some data for him -- which is not easily the case.\n\nStream ciphers (such as RC4) are unaffected.\n\nCredits to Apple Product Security for reporting this.", "cvss3": {}, "published": "2012-08-30T00:00:00", "type": "nessus", "title": "FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:fetchmail", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_18CE9A90F26911E1BE53080027EF73EC.NASL", "href": "https://www.tenable.com/plugins/nessus/61725", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2019 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61725);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"FreeBSD : fetchmail -- chosen plaintext attack against SSL CBC initialization vectors (18ce9a90-f269-11e1-be53-080027ef73ec) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote FreeBSD host is missing a security-related update.\");\n script_set_attribute(attribute:\"description\", value:\n\"Matthias Andree reports :\n\nFetchmail version 6.3.9 enabled 'all SSL workarounds' (SSL_OP_ALL)\nwhich contains a switch to disable a countermeasure against certain\nattacks against block ciphers that permit guessing the initialization\nvectors, providing that an attacker can make the application\n(fetchmail) encrypt some data for him -- which is not easily the case.\n\nStream ciphers (such as RC4) are unaffected.\n\nCredits to Apple Product Security for reporting this.\");\n # https://vuxml.freebsd.org/freebsd/18ce9a90-f269-11e1-be53-080027ef73ec.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1aeae316\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/01/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:fetchmail\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"fetchmail>=6.3.9<6.3.22\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:27", "description": "The latest version of Firefox and Thunderbird have the following changes :\n\n - Added Type Inference, significantly improving JavaScript performance\n\n - Added support for querying Do Not Track status via JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nNotable nss changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only (contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-01-23T00:00:00", "type": "nessus", "title": "Fedora 15 : firefox-9.0.1-1.fc15 / gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:gnome-python2-extras", "p-cpe:/a:fedoraproject:fedora:nspr", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nss-softokn", "p-cpe:/a:fedoraproject:fedora:nss-util", "p-cpe:/a:fedoraproject:fedora:perl-gtk2-mozembed", "p-cpe:/a:fedoraproject:fedora:thunderbird", "p-cpe:/a:fedoraproject:fedora:thunderbird-lightning", "p-cpe:/a:fedoraproject:fedora:xulrunner", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2011-17399.NASL", "href": "https://www.tenable.com/plugins/nessus/57622", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17399.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57622);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_xref(name:\"FEDORA\", value:\"2011-17399\");\n\n script_name(english:\"Fedora 15 : firefox-9.0.1-1.fc15 / gnome-python2-extras-2.25.3-35.fc15.4 / nspr-4.8.9-2.fc15 / etc (2011-17399)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest version of Firefox and Thunderbird have the following\nchanges :\n\n - Added Type Inference, significantly improving JavaScript\n performance\n\n - Added support for querying Do Not Track status via\n JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nNotable nss changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext\nattack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by\ndefault. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable\nit.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error\nmessage and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only\n(contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://rsapss.hboeck.de/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rsapss.hboeck.de/\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072222.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?47ee3616\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072223.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?12cc855e\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072224.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0bf1b5d3\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072225.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3c745d9a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072226.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?648a9ef9\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072227.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ab134ef\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072228.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2aa50f32\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072229.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9f1fb28a\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072230.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e3ea6b9\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-January/072231.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a402c324\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_attribute(attribute:\"risk_factor\", value:\"High\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnome-python2-extras\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nspr\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:perl-Gtk2-MozEmbed\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"firefox-9.0.1-1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"gnome-python2-extras-2.25.3-35.fc15.4\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nspr-4.8.9-2.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-3.13.1-10.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-softokn-3.13.1-15.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"nss-util-3.13.1-3.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"perl-Gtk2-MozEmbed-0.09-1.fc15.8\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"thunderbird-9.0-4.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"thunderbird-lightning-1.1-0.1.rc1.fc15\")) flag++;\nif (rpm_check(release:\"FC15\", reference:\"xulrunner-9.0.1-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / gnome-python2-extras / nspr / nss / nss-softokn / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:40", "description": "The remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.", "cvss3": {}, "published": "2012-01-10T00:00:00", "type": "nessus", "title": "MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/o:microsoft:windows"], "id": "SMB_NT_MS12-006.NASL", "href": "https://www.tenable.com/plugins/nessus/57474", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57474);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"MSFT\", value:\"MS12-006\");\n script_xref(name:\"IAVB\", value:\"2012-B-0006\");\n script_xref(name:\"MSKB\", value:\"2585542\");\n script_xref(name:\"MSKB\", value:\"2638806\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"MS12-006: Vulnerability in SSL/TLS Could Allow Information Disclosure (2643584)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possibe to obtain sensitive information from the remote\nWindows host using the Secure Channel security package.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by an information disclosure\nvulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols\ndue to a flaw in the way the initialization vector (IV) is selected\nwhen operating in cipher-block chaining (CBC) modes. A\nman-in-the-middle attacker can exploit this to obtain plaintext HTTP\nheader data, by using a blockwise chosen-boundary attack (BCBA) on an\nHTTPS session, in conjunction with JavaScript code that uses the HTML5\nWebSocket API, the Java URLConnection API, or the Silverlight\nWebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Microsoft has released a set of patches for XP, 2003, Vista, 2008, 7,\nand 2008 R2.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows : Microsoft Bulletins\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\", \"ms_bulletin_checks_possible.nasl\");\n script_require_keys(\"SMB/MS_Bulletin_Checks/Possible\");\n script_require_ports(139, 445, \"Host/patch_management_checks\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"SMB/MS_Bulletin_Checks/Possible\");\n\nbulletin = 'MS12-006';\nkbs = make_list('2585542', '2638806');\nif (get_kb_item(\"Host/patch_management_checks\")) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_WARNING);\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nwinver = get_kb_item_or_exit(\"SMB/WindowsVersion\", exit_code:1);\n\nif (hotfix_check_sp_range(xp:'3', win2003:'2', vista:'2', win7:'0,1') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nvuln = 0;\nif (winver == '5.2')\n{\n rootfile = hotfix_get_systemroot();\n if (!rootfile) exit(1, \"Can't get the system root.\");\n\n share = ereg_replace(pattern:\"^([A-Za-z]):.*\", replace:\"\\1$\", string:rootfile);\n path = ereg_replace(pattern:\"^[A-Za-z](.*)\", replace:\"\\1\", string:rootfile);\n\n login = kb_smb_login();\n pass = kb_smb_password();\n domain = kb_smb_domain();\n port = kb_smb_transport();\n\n if(! smb_session_init(timeout: get_read_timeout() + 10)) audit(AUDIT_FN_FAIL, \"smb_session_init\");\n\n hcf_init = TRUE;\n\n rc = NetUseAdd(login:login, password:pass, domain:domain, share:share);\n if (rc != 1)\n {\n NetUseDel();\n audit(AUDIT_SHARE_FAIL, share);\n }\n\n winsxs = ereg_replace(pattern:\"^[A-Za-z]:(.*)\", replace:\"\\1\\WinSxS\", string:rootfile);\n files = list_dir(basedir:winsxs, level:0, dir_pat:\"WinHTTP\", file_pat:\"^winhttp\\.dll$\", max_recurse:1);\n\n vuln += hotfix_check_winsxs(os:'5.2', sp:2, files:files, versions:make_list('5.2.3790.4929'), max_versions:make_list('5.2.3790.9999'), bulletin:bulletin, kb:'2638806');\n}\n\nkb = '2585542';\nif (!is_accessible_share()) exit(1, \"is_accessible_share() failed.\");\nif (\n # Windows 7 / Server 2008 R2\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Schannel.dll\", version:\"6.1.7601.21861\", min_version:\"6.1.7601.21000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:1, file:\"Schannel.dll\", version:\"6.1.7601.17725\", min_version:\"6.1.7601.17000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Schannel.dll\", version:\"6.1.7600.21092\", min_version:\"6.1.7600.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.1\", sp:0, file:\"Schannel.dll\", version:\"6.1.7600.16915\", min_version:\"6.1.7600.16000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Vista / Windows Server 2008\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Schannel.dll\", version:\"6.0.6002.22742\", min_version:\"6.0.6002.20000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n hotfix_is_vulnerable(os:\"6.0\", sp:2, file:\"Schannel.dll\", version:\"6.0.6002.18541\", min_version:\"6.0.6002.18000\", dir:\"\\system32\", bulletin:bulletin, kb:kb) ||\n\n # Windows 2003\n hotfix_is_vulnerable(os:\"5.2\", sp:2, file:\"Schannel.dll\", version:\"5.2.3790.4935\", dir:\"\\System32\", bulletin:bulletin, kb:kb) ||\n\n # Windows XP\n hotfix_is_vulnerable(os:\"5.1\", sp:3, arch:\"x86\", file:\"Schannel.dll\", version:\"5.1.2600.6175\", dir:\"\\System32\", bulletin:bulletin, kb:kb)\n)\n{\n vuln++;\n hotfix_check_fversion_end();\n}\nhotfix_check_fversion_end();\n\nif (vuln)\n{\n set_kb_item(name:\"SMB/Missing/\"+bulletin, value:TRUE);\n hotfix_security_warning();\n\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, 'affected');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:09:41", "description": "The version of Oracle HTTP Server installed on the remote host is affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.", "cvss3": {}, "published": "2015-01-27T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_JAN_2015_LDAP.NASL", "href": "https://www.tenable.com/plugins/nessus/81003", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(81003);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Oracle Fusion Middleware Security Service Information Disclosure (January 2015 CPU) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle HTTP Server installed on the remote host is\naffected by an information disclosure vulnerability, known as BEAST,\nin the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the\ninitialization vector (IV) is selected when operating in cipher-block\nchaining (CBC) modes. A man-in-the-middle attacker can exploit this to\nobtain plaintext HTTP header data, by using a blockwise\nchosen-boundary attack (BCBA) on an HTTPS session, in conjunction with\nJavaScript code that uses the HTML5 WebSocket API, the Java\nURLConnection API, or the Silverlight WebClient API.\");\n # https://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?75c6cafb\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2015 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/01/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_http_server_installed.nbin\");\n script_require_keys(\"Oracle/OHS/Installed\");\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"oracle_rdbms_cpu_func.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"Oracle/OHS/Installed\");\ninstalls = get_kb_list_or_exit(\"Oracle/OHS/*/Version\");\nhascomp = FALSE;\n\n# For this check, we need Middleware home which should be\n# oracle_common one directory up\nforeach install (keys(installs))\n{\n mwohome = install - 'Oracle/OHS/';\n mwohome = mwohome - '/Version';\n\n mwohome = ereg_replace(pattern:'^(/.*/).*$', string:mwohome, replace:\"\\1oracle_common\");\n\n # Make sure the component that is being patched exists in\n # the Middleware home\n if (find_oracle_component_in_ohome(ohome:mwohome, compid:'oracle.ldap.rsf'))\n {\n hascomp = TRUE;\n mwinstalls[mwohome] = installs[install];\n }\n}\n\npatches = make_array();\npatches['12.1.3.0'] = make_list('19485414','22557350', '26398022', '24329181', '27244723', '30112527', '30692958');\npatches['12.1.2.0'] = make_list('19485397', '21768251', '21773977');\n\nif(hascomp)\n{\n oracle_product_check_vuln(\n product : 'Oracle HTTP Server',\n installs : mwinstalls,\n patches : patches\n );\n}\nelse exit(0, 'No Middleware Homes were found with the oracle.ldap.rsf component.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:28", "description": "A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow information disclosure if an attacker intercepts encrypted traffic served from an affected system.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.\n\nThis plugin tries to establish an SSL/TLS remote connection using an affected SSL version and cipher suite and then solicits return data.\nIf returned application data is not fragmented with an empty or one-byte record, it is likely vulnerable.\n\nOpenSSL uses empty fragments as a countermeasure unless the 'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL is initialized.\n\nMicrosoft implemented one-byte fragments as a countermeasure, and the setting can be controlled via the registry key HKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\SendExtraRecord.\n\nTherefore, if multiple applications use the same SSL/TLS implementation, some may be vulnerable while others may not be, depending on whether or not a countermeasure has been enabled.\n\nNote that this plugin detects the vulnerability in the SSLv3/TLSv1 protocol implemented in the server. It does not detect the BEAST attack where it exploits the vulnerability at HTTPS client-side (i.e., Internet browser). The detection at server-side does not necessarily mean your server is vulnerable to the BEAST attack, because the attack exploits the vulnerability at the client-side, and both SSL/TLS clients and servers can independently employ the split record countermeasure.", "cvss3": {}, "published": "2012-04-16T00:00:00", "type": "nessus", "title": "SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": [], "id": "SSL3_TLS1_IV_IMPL_INFO_DISCLOSURE.NASL", "href": "https://www.tenable.com/plugins/nessus/58751", "sourceData": "#TRUSTED 1c09e57918a34eb380475831ff14af56c6a719d156a8b7fa6cb7553e658f8a22ac62dbcc9996e7729fa6d14bf83687cc951f1f2f10a651d629e67419f552e4533ca25e6f631c768859627a1a471575658187eaa923dccbfdac42910dc2528657788ad512bcffeb6005787672d1b0451bf28ac08de4509757325eb858a9172e61149083219a1b8f90e5b58db207c0b38cb5d2d14622bb8d5ed425d3d933c36c25872e6bb88776827a0317d53557989e4380bc2516e85533de1e4cb169368d0dd17d7fc838ef37f3a9eaa415fb0bac21e25e6a226ecb93de57d5ab1f6c51401082713ce479cb38866df0c7002ed7e2aae7c32e42817078a07a25a8accdcb5d1aef1b5a8b98ff45d9bbce57a0256e3184b125bcea13b14f7b88333258165a1b20367b445b2af45c48f60799c2d7427746060ab5211190c7964e742b7e12820e0858b90b0f6140a4714691fd456e3b012e711ee22947117ed1c1fe7c658276fb211774cb92d35a5b6ea26ee9d61abaf0a1a0504083b274823fed5fd0754ad17d4a6aa558750b4e0173b73f0d3d07a47337e0741026a1179c97a672296d49a6b1a60c8b8f320b15c4616b41fbcb6ec2215294eb81ca5130cd383c22561db3bf62ffdc41822728a634f3e47cad5b0b99d7abe51aaaf1a97c70b5f00aa9aaf37530b40912e0988c6bdfb679059e6b22a7ccf53bc6a746e8e50abed07d7372ae11133e99\n#TRUST-RSA-SHA256 7f1a56671af4ff831be079d04ae1817a8d85bd3aca74dbe89504a356f731ec1ed5332c6365a749070a483bbf19b4b3e7e5724902fdb9a2c7ea786fa282eeebf258e07bff782856dbc8ff001c602d8184063bf97282c87ef5e236ee565662711bbb7d848785f4319a12934198c543c382e7e2e30fa0c77a4284f841a75f2d58e6f992c156b8b87b1c6bb5591d6dc607bec5183f9a192274e13beb5cfbacfa36de7a90397598e7501cf1f97597b1aa28dfcf47277044445ddc75133dd74debc776051b1ea8606ba6765a0b2d6cda721332d1c88a1a7354c65cfed7bece58e9813b340d90fedee490a70524ffef05913f88036c952619271605f5e5ee04749ecf1517a4abff9a51c1ce78497b018e77a6e2a3dc9216d1a7e8df2870516c4b9468338cf4df456e955c529c7fcdc11f4f5f842e1821f82dd7294b990e3f1aa4d004d5de02087633cace8508484f8f17f1675d137c4672be69ba628a0042eea4f20ab592c4645f44ccd688f02733937031b204f9056994f5310e6406fb6d4167f246d4e0df6392768610b581cf28b2d6616dc52691f99f7d544bdd665cccf735efc2f8ecd00d67947942283485ed729b0069dfc1a909cae42471ea23f5d7f6ad0912efa5550929a1496a09f9aea266bbf9f81928c90f13215ace006182e8d364074b058aa32ed6b667bbab393080ba67eb03da984146462dea734030088e9cf7c91532\n#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58751);\n script_version(\"1.43\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"MSFT\", value:\"MS12-006\");\n script_xref(name:\"IAVB\", value:\"2012-B-0006\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"It may be possible to obtain sensitive information from the remote\nhost with SSL/TLS-enabled services.\");\n script_set_attribute(attribute:\"description\", value:\n\"A vulnerability exists in SSL 3.0 and TLS 1.0 that could allow\ninformation disclosure if an attacker intercepts encrypted traffic\nserved from an affected system.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\n\nThis plugin tries to establish an SSL/TLS remote connection using an\naffected SSL version and cipher suite and then solicits return data.\nIf returned application data is not fragmented with an empty or\none-byte record, it is likely vulnerable.\n\nOpenSSL uses empty fragments as a countermeasure unless the\n'SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS' option is specified when OpenSSL\nis initialized.\n\nMicrosoft implemented one-byte fragments as a countermeasure, and the\nsetting can be controlled via the registry key\nHKEY_LOCAL_MACHINE\\System\\CurrentControlSet\\Control\\SecurityProviders\\SCHANNEL\\SendExtraRecord.\n\nTherefore, if multiple applications use the same SSL/TLS\nimplementation, some may be vulnerable while others may not be,\ndepending on whether or not a countermeasure has been enabled.\n\nNote that this plugin detects the vulnerability in the SSLv3/TLSv1\nprotocol implemented in the server. It does not detect the BEAST\nattack where it exploits the vulnerability at HTTPS client-side\n(i.e., Internet browser). The detection at server-side does not\nnecessarily mean your server is vulnerable to the BEAST attack,\nbecause the attack exploits the vulnerability at the client-side, and\nboth SSL/TLS clients and servers can independently employ the split\nrecord countermeasure.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://vnhacker.blogspot.com/2011/09/beast.html\");\n # https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2012/ms12-006\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?649b81c1\");\n # https://support.microsoft.com/en-us/help/2643584/ms12-006-vulnerability-in-ssl-tls-could-allow-information-disclosure-j\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?84775fd6\");\n script_set_attribute(attribute:\"see_also\", value:\"https://blogs.msdn.microsoft.com/kaushal/2012/01/20/fixing-the-beast/\");\n script_set_attribute(attribute:\"solution\", value:\n\"Configure SSL/TLS servers to only use TLS 1.1 or TLS 1.2 if supported.\nConfigure SSL/TLS servers to only support cipher suites that do not\nuse block ciphers. Apply patches if available.\n\nNote that additional configuration may be required after the\ninstallation of the MS12-006 security update in order to enable the\nsplit-record countermeasure. See Microsoft KB2643584 for details.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"General\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssl_supported_versions.nasl\");\n script_require_keys(\"SSL/Supported\");\n\n exit(0);\n}\n\ninclude(\"ftp_func.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"http.inc\");\ninclude(\"ldap_func.inc\");\ninclude(\"nntp_func.inc\");\ninclude(\"smtp_func.inc\");\ninclude(\"telnet2_func.inc\");\ninclude(\"x509_func.inc\");\ninclude(\"rsync.inc\");\ninclude(\"audit.inc\");\ninclude(\"string.inc\");\n\nglobal_var _ssl;\n\nif (!get_kb_item(\"Settings/PCI_DSS\") && !thorough_tests) exit(0, \"This plugin only runs if 'Thorough tests' is enabled or if PCI scanning is enabled.\");\n##\n# Get cipher description.\n#\n# @return Value of ciphers_desc[<name>] from ssl_funcs.inc.\n##\nfunction ssl3_get_cipher_desc()\n{\n local_var cipher, name;\n\n if (!isnull(_ssl['cipher_desc']))\n return _ssl['cipher_desc'];\n\n cipher = _ssl['cipher'];\n name = cipher_name(id:cipher);\n if (isnull(name)) return NULL;\n\n return ciphers_desc[name];\n}\n\n##\n# Checks whether a cipher is in a list of cipher suites.\n#\n# @anonparam cipher Cipher in question.\n# @anonparam ciphers List of cipher suites.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_cipher_in_list()\n{\n local_var cipher, ciphers, i, id, len;\n\n cipher = _FCT_ANON_ARGS[0];\n ciphers = _FCT_ANON_ARGS[1];\n\n len = strlen(ciphers);\n for (i = 0; i < len; i += 2)\n {\n id = substr(ciphers, i, i + 2 - 1);\n if (cipher == id) return TRUE;\n }\n\n return FALSE;\n}\n\n##\n# Split the key block into IVs, cipher keys, and MAC keys.\n#\n# @anonparam keyblk Key block derived from the master secret.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_set_keys()\n{\n local_var desc, mac_size, iv_size, key_size, keyblk, pos;\n local_var encrypt, mac;\n\n desc = ssl3_get_cipher_desc();\n if (isnull(desc)) return FALSE;\n\n encrypt = cipher_field(name:desc, field:\"encrypt\");\n mac = cipher_field(name:desc, field:\"mac\");\n\n keyblk = _FCT_ANON_ARGS[0];\n\n # Determine the size of the key block's fields.\n if ('SHA1' >< mac) mac_size = 20;\n else if ('MD5' >< mac) mac_size = 16;\n else return FALSE;\n\n if ('3DES-CBC(168)' >< encrypt) { key_size = 24; iv_size = 8; }\n else if ('DES-CBC(56)' >< encrypt) { key_size = 8; iv_size = 8; }\n else if ('AES-CBC(128)' >< encrypt) { key_size = 16; iv_size = 16; }\n else if ('AES-CBC(256)' >< encrypt) { key_size = 32; iv_size = 16; }\n else return FALSE;\n\n # Ensure the block is big enough.\n if (strlen(keyblk) < 2 * (mac_size + key_size + iv_size))\n return FALSE;\n\n # Extract the data from the key block.\n pos = 0;\n _ssl['enc_mac_key'] = substr(keyblk, pos, pos + mac_size - 1); pos += mac_size;\n _ssl['dec_mac_key'] = substr(keyblk, pos, pos + mac_size - 1); pos += mac_size;\n _ssl['enc_key'] = substr(keyblk, pos, pos + key_size - 1); pos += key_size;\n _ssl['dec_key'] = substr(keyblk, pos, pos + key_size - 1); pos += key_size;\n _ssl['enc_iv'] = substr(keyblk, pos, pos + iv_size - 1); pos += iv_size;\n _ssl['dec_iv'] = substr(keyblk, pos, pos + iv_size - 1);\n\n return TRUE;\n}\n\n##\n# Hashes data.\n#\n# @anonparam data Data to be hashed.\n#\n# @return Message digest of the given data.\n##\nfunction ssl3_hash()\n{\n local_var data, desc;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"mac\");\n if (empty_or_null(desc)) return NULL;\n\n data = _FCT_ANON_ARGS[0];\n\n if ('SHA1' >< desc)\n return SHA1(data);\n\n if ('MD5' >< desc)\n return MD5(data);\n\n return NULL;\n}\n\n##\n# Compute the HMAC of the data.\n#\n# @anonparam data Data to be HMACed.\n# @anonparam key The key for the HMAC algorithm.\n#\n# @return HMAC of the given data.\n##\nfunction ssl3_hmac()\n{\n local_var data, desc, key;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"mac\");\n if (empty_or_null(desc)) return NULL;\n\n key = _FCT_ANON_ARGS[0];\n data = _FCT_ANON_ARGS[1];\n\n if ('SHA1' >< desc)\n return HMAC_SHA1(key:key, data:data);\n\n if ('MD5' >< desc)\n return HMAC_MD5(key:key, data:data);\n\n return NULL;\n}\n\n##\n# Computes the MAC of the data.\n#\n# @param client Whether the data is from the client or server.\n# @param data The data to be calculate the MAC of.\n# @param type The type of the record.\n#\n# @returns The MAC of the given data, in protocol-specific form.\n##\nfunction ssl3_mac(client, data, type)\n{\n local_var key, seq;\n\n if (isnull(client))\n client = TRUE;\n\n if (client)\n {\n key = _ssl['enc_mac_key'];\n seq = _ssl['clt_seq'];\n }\n else\n {\n key = _ssl['dec_mac_key'];\n seq = _ssl['srv_seq'];\n }\n\n # Encode the client sequence number.\n seq = mkdword(0) + mkdword(seq);\n\n if (_ssl['version'] == SSL_V3)\n {\n return ssl3_hash(\n key + # Key\n crap(data:'\\x5c', length:40) + # O-Pad\n ssl3_hash( #\n key + # Key\n crap(data:'\\x36', length:40) + # I-Pad\n seq + # 64-bit sequence number\n mkbyte(type) + # Record ID\n mkword(strlen(data)) + # Data length\n data # Data\n )\n );\n }\n\n if (_ssl['version'] == TLS_10)\n {\n return ssl3_hmac(\n key,\n seq + tls_mk_record(type:type, data:data, version:TLS_10)\n );\n }\n\n return NULL;\n}\n\n##\n# Encrypt or decrypt data.\n#\n# @anon param data input data\n# @param enc Whether to encrypt (TRUE) or decrypt (FALSE).\n#\n# @return Result of encrypting or decrypting the given data.\n##\nfunction ssl3_crypt(enc)\n{\n local_var data, desc, iv, key, out, ret;\n\n desc = cipher_field(name:ssl3_get_cipher_desc(), field:\"encrypt\");\n if (empty_or_null(desc)) return NULL;\n\n data = _FCT_ANON_ARGS[0];\n\n if (enc)\n {\n key = _ssl['enc_key'];\n iv = _ssl['enc_iv'];\n }\n else\n {\n key = _ssl['dec_key'];\n iv = _ssl['dec_iv'];\n }\n\n if ('3DES-CBC(168)' >< desc)\n {\n if (enc)\n ret = tripledes_cbc_encrypt(data:data, key:key, iv:iv);\n else\n ret = tripledes_cbc_decrypt(data:data, key:key, iv:iv);\n }\n else if ('DES-CBC(56)' >< desc)\n {\n out = des_cbc_encrypt(data:data, key:key, iv:iv, encrypt:enc);\n if (enc)\n ret = make_list(out, substr(out, strlen(out) - 8));\n else\n ret = make_list(out, substr(data, strlen(data) - 8));\n }\n else if ('AES-CBC(128)' >< desc || 'AES-CBC(256)' >< desc)\n {\n if (enc)\n ret = aes_cbc_encrypt(data:data, key:key, iv:iv);\n else\n ret = aes_cbc_decrypt(data:data, key:key, iv:iv);\n }\n\n if (isnull(ret)) return NULL;\n\n # Update IV for the next block.\n if (enc)\n _ssl['enc_iv'] = ret[1];\n else\n _ssl['dec_iv'] = ret[1];\n\n return ret[0];\n}\n\n##\n# Encrypt data with the block cipher.\n#\n# @anonparam data The data to be encrypted.\n#\n# @return The ciphertext of the given data.\n##\nfunction ssl3_encrypt()\n{\n local_var data, block_size, padlen;\n\n data = _FCT_ANON_ARGS[0];\n\n # Calculate how much padding is needed to fill the block.\n block_size = strlen(_ssl['enc_iv']);\n padlen = block_size - (strlen(data) % block_size);\n\n # Append the padding to the data.\n data += crap(data:mkbyte(padlen - 1), length:padlen);\n\n return ssl3_crypt(data, enc:TRUE);\n}\n\n##\n# Decrypt data with the block cipher.\n#\n# @anonparam data The data to be decrypted.\n#\n# @return The plaintext of the given data.\n##\nfunction ssl3_decrypt()\n{\n return ssl3_crypt(_FCT_ANON_ARGS[0], enc:FALSE);\n}\n\n##\n# Sets an error message\n#\n# @anonparam msg The error message.\n#\n# @return NULL.\n##\nfunction ssl3_set_error()\n{\n _ssl['error'] = _FCT_ANON_ARGS[0];\n\n return NULL;\n}\n\n##\n# Get last error message.\n#\n# @return Last error message.\n##\nfunction ssl3_get_lasterror()\n{\n return _ssl['error'];\n}\n\n##\n# Write data from an established SSL connection.\n#\n# @anonparam data Data to be written.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_write()\n{\n local_var data, dlen, mac, rec, rlen, sent, type;\n\n data = _FCT_ANON_ARGS[0];\n\n type = SSL3_CONTENT_TYPE_APPLICATION_DATA;\n dlen = strlen(data);\n\n # Compute the MAC of the unencrypted application data.\n mac = ssl3_mac(data:data, type:type);\n\n # Append the MAC to the data and encrypt everything.\n data = ssl3_encrypt(data + mac);\n\n # Make a record and send it to the server.\n rec = ssl_mk_record(type:type, data:data, version:_ssl['version']);\n rlen = strlen(rec);\n sent = send(socket:_ssl['sock'], data:rec);\n if (sent != rlen)\n return ssl3_set_error('ssl3_write(): Only sent ' + sent + ' of ' + rlen + ' bytes to port ' + _ssl['port'] + '.');\n\n _ssl['clt_seq']++;\n\n return dlen;\n}\n\n##\n# Read data from an established SSL connection.\n#\n# @param len Number of bytes to be read.\n#\n# @return Data read, or NULL if there is an error.\n##\nfunction ssl3_read(len)\n{\n local_var computed_mac, data, dlen, embedded_mac, end, i, maclen;\n local_var msg, padlen, rec, srv_seq, start, timeout;\n\n # Return data can be split into multiple records.\n while (TRUE)\n {\n # Check if we have received enough received data to satisfy the\n # caller.\n if (len && strlen(_ssl['app_data']) >= len)\n {\n # Remove the requested amount of data from the receive buffer.\n data = substr(_ssl['app_data'], 0, len - 1);\n _ssl['app_data'] -= data;\n\n return data;\n }\n\n # Receive an SSL message.\n # Some Microsoft Exchange servers take many seconds to reply to an\n # SMTP command, causing this check to false-negative.\n # Obey a longer read timeout, but make 15 seconds the minimum to\n # cope with these servers.\n timeout = get_read_timeout();\n if (timeout < 15)\n timeout = 15;\n msg = recv_ssl(socket:_ssl['sock'], timeout:timeout);\n if (isnull(msg)) break;\n\n # Parse the message, keeping in mind that the body is encrypted.\n rec = ssl_parse(blob:msg, encrypted:TRUE);\n if (isnull(rec))\n return ssl3_set_error('ssl3_read(): Failed to parse encrypted SSL record.');\n\n # Check protocol version.\n if (rec['version'] != _ssl['version'])\n return ssl3_set_error('ssl3_read(): SSL/TLS protocol version mismatch.');\n\n # Ensure that the record isn't an alert.\n if (rec['content_type'] == SSL3_CONTENT_TYPE_ALERT)\n return ssl3_set_error('ssl3_read(): Alert received from port ' + _ssl['port'] + '.');\n\n # Decrypt the application data.\n data = ssl3_decrypt(rec['data']);\n dlen = strlen(data);\n\n # Check that padding on the data is sane.\n maclen = strlen(_ssl['enc_mac_key']);\n padlen = getbyte(blob:data, pos:dlen - 1);\n if (padlen + 1 + maclen > dlen)\n return ssl3_set_error('ssl3_read(): invalid padlen ' + padlen + '.');\n\n # Check pad bytes for TLS 1.0\n # For SSL 3.0, pad bytes can have arbitrary values\n # For TLS 1.0, each pad byte must be same as padlen\n if (_ssl['version'] >= TLS_10)\n {\n for (i = 0; i < padlen; i++)\n {\n if(ord(data[dlen - 2 -i]) != padlen)\n return ssl3_set_error('ssl3_read(): invalid block cipher padding.');\n }\n }\n\n # Extract the MAC, which is appended to the payload.\n end = dlen - (padlen + 1) - 1;\n start = end - maclen + 1;\n embedded_mac = substr(data, start, end);\n\n # Extract decrypted application data.\n end = start - 1;\n start = 0;\n data = substr(data, start, end);\n\n\n # Compute the MAC of the decrypted application data.\n computed_mac = ssl3_mac(data:data, type:rec['content_type'], client:FALSE);\n\n # Compare the embedded MAC and the computed MAC.\n if (computed_mac != embedded_mac)\n return ssl3_set_error('ssl3_read(): MACs do not match.');\n\n # The MAC was proper, so this packet is accepted.\n _ssl['srv_seq']++;\n\n # Add application data to our receive buffer.\n if (rec['content_type'] == SSL3_CONTENT_TYPE_APPLICATION_DATA)\n {\n _ssl['app_data'] += data;\n _ssl['app_recs'] += 1;\n\n\n # Check for mitigation techniques:\n # - Empty records: OpenSSL uses this technique if\n # SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS is not set.\n # - One-byte records: Microsoft uses this technique.\n #\n # Check for split-record for the first 2 app data records\n if(_ssl['app_recs'] < 3)\n {\n if (isnull(data))\n _ssl['empty_rec'] = TRUE;\n else if (strlen(data) == 1)\n _ssl['one_byte_rec'] = TRUE;\n }\n }\n }\n\n # If the read length could not be satisfied, return whatever is in\n # the receive buffer, and clear it for future calls.\n data = _ssl['app_data'];\n _ssl['app_data'] = '';\n\n if (empty_or_null(data) && socket_get_error(_ssl['sock']) == ETIMEDOUT)\n return ssl3_set_error('ssl3_read(): Server did not reply after waiting ' + timeout + ' seconds. Consider increasing the read timeout in your scan policy.');\n\n return data;\n}\n\n##\n# Disconnect from the SSL server.\n##\nfunction ssl3_disconnect()\n{\n close(_ssl['sock']);\n}\n\n##\n# Tries to make an SSL/TLS connection to the server.\n#\n# @return TRUE for success, FALSE otherwise.\n##\nfunction ssl3_connect()\n{\n local_var cert, cipher, ckex, clt_finished, clt_random;\n local_var dh_privkey, pubkey;\n local_var dh_x, e, embedded_mac, embedded_srv_finished;\n local_var end, hs, i,keyblk, len, mac, mac_size;\n local_var master, msg, n, padlen, parsed, pkt, plain, port;\n local_var premaster, rec, recs, skex, soc, srv_finished, srv_random;\n local_var start, version, x;\n\n # Get a socket to perform a handshake.\n port = _ssl['port'];\n soc = open_sock_ssl(port);\n if (!soc)\n return ssl3_set_error('ssl3_connect(): Failed to connect to port ' + port + '.');\n\n version = _ssl['version'];\n cipher = _ssl['cipher'];\n\n # Make a ClientHello msg.\n msg =\n mkword(version) + # Client version\n dec2hex(num:unixtime()) + # Challenge, epoch portion\n rand_str(length:28) + # Challenge, random portion\n ssl_vldata_put(data:'', len:1) + # Session ID\n ssl_vldata_put(data:cipher, len:2) + # Cipher spec\n ssl_vldata_put(data:'\\x00', len:1) + # Compression spec\n ssl_vldata_put(data:tls_ext_ec(keys(curve_nid.tls)), len:2); # supported curves\n msg = ssl_mk_handshake_msg(data:msg, type:SSL3_HANDSHAKE_TYPE_CLIENT_HELLO);\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n\n # Send the ClientHello record.\n send(socket:soc, data:rec);\n\n # Parse the ClientHello record.\n parsed = ssl_parse(blob:rec);\n clt_random = mkdword(parsed['time']) + parsed['random'];\n\n # Start collecting the bodies of handshake messages, which are used\n # to generate the encrypted Finished message.\n hs = substr(rec, 5, strlen(rec) - 1);\n\n # Read records one at a time. Expect to see at a minimum:\n # ServerHello, Certificate, and ServerHelloDone.\n while (TRUE)\n {\n # Receive records from the server.\n recs = recv_ssl(socket:soc);\n if (isnull(recs))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server did not respond to ClientHello.');\n }\n\n # Collect the body of the message, including all records.\n hs += substr(recs, 5, strlen(recs) - 1);\n\n # ServerHello: Extract the random data for computation of keys.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO\n );\n\n if (!isnull(rec))\n {\n # Check handshake version returned by the server, and ensure\n # that it hasn't downgraded the version.\n if (rec['handshake_version'] != _ssl['version'])\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': SSL/TLS protocol version mismatch.');\n }\n\n srv_random = mkdword(rec['time']) + rec['random'];\n\n # Wacko SSL servers might return a cipher suite not in the\n # client's request list.\n if (!ssl3_cipher_in_list(mkword(rec['cipher_spec']), _ssl['cipher']))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server returned a cipher suite not in list supported by client.');\n }\n\n # Store the negotiated cipher suite.\n _ssl['cipher'] = rec['cipher_spec'];\n _ssl['cipher_desc'] = ssl3_get_cipher_desc();\n }\n\n # Certificate: Extract the server's public key.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_CERTIFICATE\n );\n\n if (!isnull(rec) && max_index(rec['certificates']) > 0)\n {\n # First cert in the chain should be the server cert.\n cert = parse_der_cert(cert:rec['certificates'][0]);\n if (isnull(cert))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server certificate could not be parsed.');\n }\n\n cert = cert['tbsCertificate'];\n }\n\n # Server Key Exchange.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_KEY_EXCHANGE\n );\n\n if (!isnull(rec['data']))\n skex = ssl_parse_srv_kex(blob:rec['data'], cipher:_ssl['cipher_desc']);\n\n # Certificate Request.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_CERTIFICATE_REQUEST\n );\n\n if (!isnull(rec['data']))\n _ssl['clt_cert_requested'] = TRUE;\n\n # Server Hello Done.\n rec = ssl_find(\n blob:recs,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE,\n 'handshake_type', SSL3_HANDSHAKE_TYPE_SERVER_HELLO_DONE\n );\n\n if (!isnull(rec)) break;\n }\n\n # Packet will contain ClientCertificate, ClientKeyExchange,\n # ChangeCipherSpec, and Finished.\n pkt = '';\n\n # Create an empty client certificate if one is requested.\n if (_ssl['clt_cert_requested'])\n {\n # Send an empty certificate for now. TLSv1.0 says the client can\n # send an empty certificate, but not sure what SSLv3 says.\n msg = ssl_mk_handshake_msg(\n type : SSL3_HANDSHAKE_TYPE_CERTIFICATE,\n data : ssl_vldata_put(data:NULL,len:3)\n );\n hs += msg;\n\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n pkt += rec;\n }\n\n # Process ServerCertificate and ServerKeyExchange messages.\n var desc_kex = cipher_field(name:_ssl['cipher_desc'], field:\"kex\");\n if (desc_kex =~ \"RSA($|\\()\")\n {\n if (isnull(cert))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': No server certificate was found.');\n }\n\n if (isnull(cert['subjectPublicKeyInfo']) || isnull(cert['subjectPublicKeyInfo'][1]))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': A server certificate with an unsupported algorithm was found.');\n }\n\n n = cert['subjectPublicKeyInfo'][1][0];\n e = cert['subjectPublicKeyInfo'][1][1];\n if(isnull(n) || isnull(e))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': Failed to extract public key from server certificate.');\n }\n\n # Create the premaster secret.\n premaster = mkword(version) + rand_str(length:46);\n\n # Encrypt the premaster secret with server's RSA public key.\n ckex = rsa_public_encrypt(data:premaster, n:n, e:e);\n\n # Encode the client key exchange data.\n #\n # It looks like TLS 1.0 and up prepend a two-byte length, but the\n # RFC is vague.\n if (_ssl['version'] >= TLS_10)\n ckex = ssl_vldata_put(data:ckex, len:2);\n }\n else if (desc_kex =~ \"ECDH($|\\()\" && ecc_functions_available())\n {\n if (isnull(skex))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': no ServerKeyExchange info (ECDH).');\n }\n\n # Generate the client private key\n dh_privkey = rand_str(length:16);\n\n # Compute the premaster secret\n premaster = ecc_scalar_multiply(\n curve_nid:curve_nid.tls[skex['named_curve']],\n scalar:dh_privkey,\n x:substr(skex['pubkey'], 1, (strlen(skex['pubkey'])) / 2),\n y:substr(skex['pubkey'], (strlen(skex['pubkey']) / 2) + 1)\n );\n # Just the X coordinate of the curve point is used\n premaster = ecc_fe2osp(element:premaster.x, curve_nid:curve_nid.tls[skex['named_curve']]);\n\n # Encode the client's DH public key\n pubkey = ecc_scalar_multiply(\n curve_nid:curve_nid.tls[skex['named_curve']],\n scalar:dh_privkey\n );\n\n pubkey.x = ecc_fe2osp(element:pubkey.x, curve_nid:curve_nid.tls[skex['named_curve']]);\n pubkey.y = ecc_fe2osp(element:pubkey.y, curve_nid:curve_nid.tls[skex['named_curve']]);\n\n ckex = ssl_vldata_put(\n # Uncompressed curve point encoding\n data:'\\x04' + pubkey.x + pubkey.y,\n len:1\n );\n }\n else if (desc_kex =~ \"DH($|\\()\")\n {\n if (isnull(skex))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': no ServerKeyExchange info (DH).');\n }\n\n # Generate the client private key,\n x = rand_str(length:16);\n\n # Compute g^x mod p.\n dh_x = bn_mod_exp(skex['dh_g'], x, skex['dh_p']);\n\n # Compute the premaster secret.\n premaster = bn_mod_exp(skex['dh_y'], x, skex['dh_p']);\n\n # Encode the client key exchange data.\n ckex = ssl_vldata_put(data:dh_x, len:2);\n }\n else\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': unsupported key exchange method ' + _ssl['cipher_desc'] + '.');\n }\n\n # Create a ClientKeyExchange message.\n msg = ssl_mk_handshake_msg(type:SSL3_HANDSHAKE_TYPE_CLIENT_KEY_EXCHANGE, data:ckex);\n hs += msg;\n\n rec = ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n pkt += rec;\n\n # Compute the keys.\n master = ssl_calc_master(\n premaster : premaster,\n c_random : clt_random,\n s_random : srv_random,\n version : version\n );\n\n # For troubleshooting problems, when a PCAP is provided by a customer\n # and we need to see the encrypted application data records.\n set_kb_item(\n name:\"nss_keylog/\" + SCRIPT_NAME,\n value:\"CLIENT_RANDOM \" + hexstr(clt_random) + \" \" + hexstr(master)\n );\n\n keyblk = ssl_derive_keyblk(\n master : master,\n c_random : clt_random,\n s_random : srv_random,\n version : version\n );\n\n if (!ssl3_set_keys(keyblk))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect(): ssl3_set_keys() failed.');\n }\n\n # Compute the Finished value for the client.\n clt_finished = ssl_calc_finished(master:master, handshake:hs, is_client:TRUE, version:version);\n msg = ssl_mk_handshake_msg(type:SSL3_HANDSHAKE_TYPE_FINISHED, data:clt_finished);\n\n # Compute the Finished value for the server.\n #\n # The server has one more handshake message (the client's Finished)\n # to include when computing its Finished value.\n hs += msg;\n srv_finished = ssl_calc_finished(master:master, handshake:hs, is_client:FALSE, version:version);\n\n # Compute the HMAC of the Finished message for the client.\n mac = ssl3_mac(data:msg, type:SSL3_CONTENT_TYPE_HANDSHAKE);\n\n # Append the HMAC to the message.\n msg += mac;\n\n # Encrypt the client Finished message\n msg = ssl3_encrypt(msg);\n\n # Append the ChangeCipherSpec and Finished records to the packet.\n pkt += ssl_mk_record(type:SSL3_CONTENT_TYPE_CHANGECIPHERSPEC, data:mkbyte(1), version:version);\n pkt += ssl_mk_record(type:SSL3_CONTENT_TYPE_HANDSHAKE, data:msg, version:version);\n\n # Send the packet.\n send(socket:soc, data:pkt);\n\n while (TRUE)\n {\n # Receive records from the server.\n recs = recv_ssl(socket:soc);\n if (isnull(recs))\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': server did not send the Finished message.');\n }\n\n # Finished, but it's encrypted so we can't access the handshake\n # type with ssl_parse().\n rec = ssl_find(\n blob:recs,\n encrypted:TRUE,\n 'content_type', SSL3_CONTENT_TYPE_HANDSHAKE\n );\n if (isnull(rec)) continue;\n\n # Decrypt the record's body.\n plain = ssl3_decrypt(rec['data']);\n\n # Get the length of the padding.\n len = strlen(plain);\n padlen = getbyte(blob:plain, pos:len - 1);\n mac_size = strlen(_ssl['enc_mac_key']);\n # Check pad length\n if (padlen + 1 + mac_size > len)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': invalid padlen '+padlen+'.');\n }\n\n # Check pad bytes for TLS 1.0\n # Each pad byte must be the same as the padlen, per TLS 1.0 RFC\n if(_ssl['version'] >= TLS_10)\n {\n for (i = 0; i < padlen; i++)\n {\n if(ord(plain[len - 2 -i]) != padlen)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': invalid block cipher padding.');\n }\n }\n }\n\n # Extract the MAC.\n end = len - (padlen + 1) - 1;\n start = end - mac_size + 1;\n embedded_mac = substr(plain, start, end);\n\n # Extract the Finished record.\n end = start - 1;\n start = 0;\n msg = substr(plain, start, end);\n\n # Extract the server's Finished value.\n #\n # Handshake message data starts after the 1-byte handshake type\n # and 3-byte handshake message length.\n embedded_srv_finished = substr(msg, 1 + 3);\n\n # Check the embedded MAC against ours.\n mac = ssl3_mac(data:msg, type:SSL3_CONTENT_TYPE_HANDSHAKE, client:FALSE);\n if (mac != embedded_mac)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': MACs do not match, failed to decrypt server Finished message.');\n }\n\n # Check the embedded Finished value against ours.\n if (srv_finished != embedded_srv_finished)\n {\n close(soc);\n return ssl3_set_error('ssl3_connect() on port ' + port + ': bad server Finished message.');\n }\n\n # All tests have been passed, so the handshake phase is complete.\n break;\n }\n\n _ssl['sock'] = soc;\n _ssl['clt_seq']++;\n _ssl['srv_seq']++;\n\n return TRUE;\n}\n\n##\n# Initialize the SSL structure.\n#\n# @param port Port on which to make an SSL connection.\n# @param cipher_list A list of cipher suite IDs to support.\n# @param version The SSL version ID.\n#\n# @return TRUE if nothing went wrong.\n##\nfunction ssl3_init(port, cipher_list, version)\n{\n local_var cipher, supported;\n\n # Check for the existence of some crypto functions.\n if (!defined_func('bn_mod_exp'))\n {\n return ssl3_set_error('function bn_mod_exp() not defined.');\n }\n if (!defined_func('rsa_public_encrypt'))\n {\n return ssl3_set_error('function rsa_public_encrypt() not defined.');\n }\n if (!defined_func('aes_cbc_encrypt'))\n {\n return ssl3_set_error('function aes_cbc_encrypt() not defined.');\n }\n if (!defined_func('aes_cbc_decrypt'))\n {\n return ssl3_set_error('function aes_cbc_decrypt() not defined.');\n }\n\n # Check SSL version.\n if (version != SSL_V3 && version != TLS_10)\n {\n return ssl3_set_error('SSL/TLS version ' + hexstr(mkword(version)) + ' is not supported.');\n }\n _ssl['version'] = version;\n\n # Check cipher suites.\n supported =\n ciphers['TLS1_CK_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA'] +\n ciphers['TLS1_CK_RSA_WITH_DES_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA'] +\n ciphers['TLS1_CK_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA'];\n\n foreach cipher (cipher_list)\n {\n if (!ssl3_cipher_in_list(cipher, supported))\n return ssl3_set_error(FALSE, 'cipher suite ' + hexstr(cipher) + ' is not supported.');\n }\n\n # Initially set to a list of cipher suites supported by the client.\n # When ServerHello is received, it's set to the agreed cipher.\n _ssl['cipher'] = '';\n foreach cipher (cipher_list)\n {\n _ssl['cipher'] += cipher;\n }\n\n # Sequence number is incremented for each SSL record sent in each\n # direction. It's 64 bits long and used when computing the MAC of a\n # message. We use a 32-bit sequence number here as we don't expect\n # to use more than 2^32 records. When the 64-bit number is required\n # for certain operations, we just prepend 4 zero bytes in the front.\n _ssl['clt_seq'] = 0;\n _ssl['srv_seq'] = 0;\n\n # SSL uses big endian format.\n set_byte_order(BYTE_ORDER_BIG_ENDIAN);\n\n # Keep track of whether the mitigation techniques are seen.\n _ssl['empty_rec'] = FALSE;\n _ssl['one_byte_rec'] = FALSE;\n\n # Whether a certificate has been requested by the server.\n _ssl['clt_cert_req'] = FALSE;\n\n # Keep track of received, unprocessed application data.\n _ssl['app_data'] = '';\n\n # Number of application data records received\n _ssl['app_recs'] = 0;\n\n _ssl['port'] = port;\n\n return TRUE;\n}\n\nget_kb_item_or_exit('SSL/Supported');\n\n# Get a port that uses SSL.\nport = get_ssl_ports(fork:TRUE);\n\nif (isnull(port))\n exit(1, 'The host does not appear to have any SSL-based services.');\n\n# Find out if the port is open.\nif (!get_port_state(port))\n audit(AUDIT_PORT_CLOSED, port);\n\n# Supported cipher suites used by this script.\ncipher_list = make_list(\n ciphers['TLS1_CK_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_3DES_EDE_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_DHE_RSA_WITH_3DES_EDE_CBC_SHA'],\n ciphers['TLS1_CK_RSA_WITH_DES_CBC_SHA']\n);\n\nif (ecc_functions_available())\n{\n # This list will be flattened on its own by make_list().\n cipher_list = make_list(\n cipher_list,\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA'],\n ciphers['TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA'],\n ciphers['TLS1_CK_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA']\n );\n}\n\n\n# Try TLS 1.0 first.\nif (!ssl3_init(port:port, version:TLS_10, cipher_list:cipher_list))\n exit(1, 'ssl3_init() failed on port ' + port + ': ' + ssl3_get_lasterror());\n\n# If that failed, try SSL 3.0.\nif (!ssl3_connect())\n{\n if (!ssl3_init(port:port, version:SSL_V3, cipher_list:cipher_list))\n exit(1, 'ssl3_init() failed on port ' + port + ': ' + ssl3_get_lasterror());\n\n if (!ssl3_connect()) exit(1, ssl3_get_lasterror());\n}\n\n# Send some data to the SSL port so that some data can be returned in\n# order to test whether empty or one-byte records are used.\n\n# Create a simple HTTP GET request.\nhttp_req = http_mk_req(port:port, host:get_host_ip(), method:'GET', item:'/', add_headers:make_array('Connection','keep-alive'));\n\nsvc = known_service(port:port);\n\n# Create a service-specific message to solicit a response in order to\n# test for an empty or one-byte record.\nif (svc == 'www') req = http_mk_buffer_from_req(req:http_req);\nelse if (svc == 'smtp') req = 'EHLO client.example.org\\r\\n';\nelse if (svc == 'ftp') req = 'HELP\\r\\n';\nelse if (svc == 'ldap') req = ldap_bind_request();\nelse if (svc == 'imap') req = 'nessus CAPABILITY\\r\\n';\n\n# The following are not tested.\nelse if (svc == 'pop3') req = 'CAPA\\r\\n';\nelse if (svc == 'nntp') req = 'CAPABILITIES\\r\\n';\nelse if (svc == 'acap') req = 'nessus NOOP\\r\\n';\nelse if (svc == 'xmpp') req = '<nessus />\\n';\nelse if (svc == 'telnet') req = mkbyte(CMD_IAC) + mkbyte(CMD_DO) + mkbyte(5); # Do Status\n\n# Unknown service, send an HTTP request.\nelse req = http_mk_buffer_from_req(req:http_req);\n\n#\n# Read at least 2 application data records\n#\n# The fix for BEAST in IBMJSSE2 is to split the application data record to\n# 1/(n-1), except the first application data record.\n# So we need the second application data record to test whether it is split.\n#\nwhile(_ssl['app_recs'] < 2)\n{\n\n # Send the request.\n if (!ssl3_write(req))\n exit(1, ssl3_get_lasterror());\n\n # Read until no more application data from remote server\n data = ssl3_read();\n\n # Check response.\n if (isnull(data)) exit(1, ssl3_get_lasterror());\n if( data == '') exit(0, 'The service listening on port ' + port + ' did not return any data.');\n\n # 0/n split-record mitigation technique (OpenSSL)\n if (_ssl['empty_rec'])\n exit(0, 'The service listening on port ' + port + ' appears to use empty SSL/TLS records.');\n\n # 1/(n-1) split-record mitigation technique (MS)\n if (_ssl['one_byte_rec'])\n exit(0, 'The service listening on port ' + port + ' appears to use one-byte SSL/TLS records.');\n\n}\n\n# The SSL 3.0/TLS 1.0 server accepts a block-based cipher suite, but\n# doesn't use any mitigation techniques, so it is likely vulnerable.\nif (report_verbosity > 0)\n security_warning(port:port, extra:'\\nNegotiated cipher suite: ' + _ssl['cipher_desc'] + '\\n');\nelse\n security_warning(port);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:18:07", "description": "According to its banner, the remote host is running a version of Kerio Connect (formerly known Kerio MailServer) prior to 8.1.0. It is, therefore, affected by an information disclosure vulnerability, known as BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are not affected.", "cvss3": {}, "published": "2014-02-07T00:00:00", "type": "nessus", "title": "Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:kerio:connect"], "id": "KERIO_CONNECT_810.NASL", "href": "https://www.tenable.com/plugins/nessus/72393", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72393);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Kerio Connect < 8.1.0 SSL/TLS Information Disclosure (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote mail server is affected by an information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the remote host is running a version of Kerio\nConnect (formerly known Kerio MailServer) prior to 8.1.0. It is,\ntherefore, affected by an information disclosure vulnerability, known\nas BEAST, in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the\nway the initialization vector (IV) is selected when operating in\ncipher-block chaining (CBC) modes. A man-in-the-middle attacker can\nexploit this to obtain plaintext HTTP header data, by using a\nblockwise chosen-boundary attack (BCBA) on an HTTPS session, in\nconjunction with JavaScript code that uses the HTML5 WebSocket API,\nthe Java URLConnection API, or the Silverlight WebClient API.\n\nTLS 1.1, TLS 1.2, and all cipher suites that do not use CBC mode are\nnot affected.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.kerio.com/connect/history/older\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/tls-cbc.txt\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Kerio Connect 8.1.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/02/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:kerio:connect\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"kerio_kms_641.nasl\", \"kerio_mailserver_admin_port.nasl\");\n script_require_keys(\"kerio/port\");\n script_require_ports(\"Services/kerio_mailserver_admin\", 25, 465, 587);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_kb_item_or_exit('kerio/port');\nver = get_kb_item_or_exit('kerio/'+port+'/version');\ndisplay_ver = get_kb_item_or_exit('kerio/'+port+'/display_version');\n\n# Versions prior to 7 are called MailServer; versions after are called Connect\nif (ver =~ '^[0-6]\\\\.') product = \"Kerio MailServer\";\nelse product = \"Kerio Connect\";\n\n# Workaround works for 8.0.1 and later\nif (ver =~ '^8\\\\.0\\\\.[12]([^0-9]|$)' && report_paranoia < 2) audit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n\nfixed_version = \"8.1.0\";\n\nif (ver_compare(ver:ver, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity)\n {\n report =\n '\\n Product : ' + product +\n '\\n Installed version : ' + display_ver +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\n\naudit(AUDIT_LISTEN_NOT_VULN, product, port, display_ver);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:14", "description": "- Added a patch to fix errors in the pkcs11n.h header file. (bmo#702090)\n\n - update to 3.13.1 RTM\n\n - better SHA-224 support (bmo#647706)\n\n - fixed a regression (causing hangs in some situations) introduced in 3.13 (bmo#693228)\n\n - update to 3.13.0 RTM\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n - SHA-224 is supported\n\n - Ported to iOS. (Requires NSPR 4.9.)\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken only\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and /secmod.db anymore (bmo#641052, bnc#726096)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libfreebl3", "p-cpe:/a:novell:opensuse:libfreebl3-32bit", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo", "p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3", "p-cpe:/a:novell:opensuse:libsoftokn3-32bit", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo", "p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss", "p-cpe:/a:novell:opensuse:mozilla-nss-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-debugsource", "p-cpe:/a:novell:opensuse:mozilla-nss-devel", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo", "p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit", "p-cpe:/a:novell:opensuse:mozilla-nss-tools", "p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2011-100.NASL", "href": "https://www.tenable.com/plugins/nessus/74514", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2011-100.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74514);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"openSUSE Security Update : mozilla-nss (openSUSE-2011-100) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote openSUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"- Added a patch to fix errors in the pkcs11n.h header\n file. (bmo#702090)\n\n - update to 3.13.1 RTM\n\n - better SHA-224 support (bmo#647706)\n\n - fixed a regression (causing hangs in some situations)\n introduced in 3.13 (bmo#693228)\n\n - update to 3.13.0 RTM\n\n - SSL 2.0 is disabled by default\n\n - A defense against the SSL 3.0 and TLS 1.0 CBC chosen\n plaintext attack demonstrated by Rizzo and Duong\n (CVE-2011-3389) is enabled by default. Set the\n SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n - SHA-224 is supported\n\n - Ported to iOS. (Requires NSPR 4.9.)\n\n - Added PORT_ErrorToString and PORT_ErrorToName to return\n the error message and symbolic name of an NSS error code\n\n - Added NSS_GetVersion to return the NSS version string\n\n - Added experimental support of RSA-PSS to the softoken\n only\n\n - NSS_NoDB_Init does not try to open /pkcs11.txt and\n /secmod.db anymore (bmo#641052, bnc#726096)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.novell.com/show_bug.cgi?id=726096\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected mozilla-nss packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libfreebl3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libsoftokn3-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-certs-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-sysinit-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mozilla-nss-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2022 Tenable Network Security, Inc.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libfreebl3-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libfreebl3-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsoftokn3-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libsoftokn3-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-certs-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-certs-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-debugsource-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-devel-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-sysinit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-sysinit-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-tools-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"mozilla-nss-tools-debuginfo-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libfreebl3-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libfreebl3-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsoftokn3-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libsoftokn3-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-certs-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-32bit-3.13.1-9.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"mozilla-nss-sysinit-debuginfo-32bit-3.13.1-9.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libfreebl3 / libfreebl3-32bit / libfreebl3-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:06", "description": "This plugin has been deprecated and is no longer functional. It was originally written to check Microsoft's workaround for CVE-2011-3389, but was replaced by plugin 57474 which checks for the patch that fixes this CVE.", "cvss3": {}, "published": "2011-09-29T00:00:00", "type": "nessus", "title": "Deprecated", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2013-05-13T00:00:00", "cpe": ["cpe:/a:microsoft:ie"], "id": "SMB_KB2588513.NASL", "href": "https://www.tenable.com/plugins/nessus/56333", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# @DEPRECATED@\n#\n# Disabled on 2012/02/08. Deprecated by smb_nt_ms12-006.nasl.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56333);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2018/07/27 18:38:15\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(49778);\n\n script_name(english:\"Deprecated\");\n script_summary(english:\"Checks if RC4 has been prioritized.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\"This plugin has been deprecated.\");\n script_set_attribute(attribute:\"description\", value:\n\"This plugin has been deprecated and is no longer functional. It\nwas originally written to check Microsoft's workaround for\nCVE-2011-3389, but was replaced by plugin 57474 which checks for\nthe patch that fixes this CVE.\");\n\n script_set_attribute(attribute:\"see_also\", value:\"http://technet.microsoft.com/en-us/security/advisory/2588513\");\n script_set_attribute(attribute:\"solution\", value:\"n/a\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"SMB/WindowsVersion\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\nexit(0, \"This plugin has been deprecated. Use smb_nt_ms12-006.nasl (plugin ID 57474) instead\");\n\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit('SMB/Registry/Enumerated');\nwinver = get_kb_item_or_exit('SMB/WindowsVersion');\n\nif (winver != '6.0') exit(1, 'The workaround only applies to Windows Vista and 2008.');\n\nname = kb_smb_name();\nport = kb_smb_transport();\nif (!get_port_state(port)) exit(1, 'Port '+port+' is not open.');\nlogin = kb_smb_login();\npass = kb_smb_password();\ndomain = kb_smb_domain();\n\nsoc = open_sock_tcp(port);\nif (!soc) exit(1, 'Can\\'t open socket on port '+port+'.');\nsession_init(socket:soc, hostname:name);\nrc = NetUseAdd(login:login, password:pass, domain:domain, share:'IPC$');\nif (rc != 1)\n{\n NetUseDel();\n exit(1, 'Can\\'t connect to IPC$ share.');\n}\n\n# Connect to the remote registry\nhklm = RegConnectRegistry(hkey:HKEY_LOCAL_MACHINE);\nif (isnull(hklm))\n{\n\n NetUseDel();\n exit(1, 'Can\\'t connect to remote registry.');\n}\n\nvuln = FALSE;\nsuites = make_list();\nkey = 'SOFTWARE\\\\Policies\\\\Microsoft\\\\Cryptography\\\\Configuration\\\\SSL\\\\00010002';\nkey_h = RegOpenKey(handle:hklm, key:key, mode:MAXIMUM_ALLOWED);\nif (!isnull(key_h))\n{\n item = RegQueryValue(handle:key_h, item:'Functions');\n if (isnull(item)) vuln = TRUE;\n else suites = split(item[1], sep:',', keep:FALSE);\n RegCloseKey(handle:key_h);\n}\nRegCloseKey(handle:hklm);\nNetUseDel();\n\nif ((max_index(suites) < 1) && !vuln) exit(1, 'Couldn\\'t get the SSL Cipher Suite Order from the remote host.');\n\nif (\n !vuln &&\n suites[0] != 'TLS_RSA_WITH_RC4_128_SHA' &&\n suites[0] != 'TLS_RSA_WITH_RC4_128_MD5' &&\n suites[0] != 'SSL_CK_RC4_128_WITH_MD5'\n) vuln = TRUE;\n \n\nif (vuln)\n{\n if (report_verbosity > 0)\n {\n report = '\\n The \\'RC4\\' algorithm hasn\\'t been prioritized on the remote host.\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse exit(0, 'The host is not affected.');\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:45", "description": "The latest version of Firefox and Thunderbird have the following changes :\n\n - Added Type Inference, significantly improving JavaScript performance\n\n - Added support for querying Do Not Track status via JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nUpdate nss to 3.13.1\n\nYou can find the new features and bug fixes in NSS 3.13 and 3.13.1 with these Bugzilla queries :\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI XED&classification=Components&query_format=advanced&target_milestone=3 .13&product=NSS\n\nand\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI XED&classification=Components&query_format=advanced&target_milestone=3 .13.1&product=NSS\n\nNotable changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext attack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by default. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable it.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error message and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only (contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-12-23T00:00:00", "type": "nessus", "title": "Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:firefox", "p-cpe:/a:fedoraproject:fedora:nss", "p-cpe:/a:fedoraproject:fedora:nss-softokn", "p-cpe:/a:fedoraproject:fedora:nss-util", "p-cpe:/a:fedoraproject:fedora:thunderbird", "p-cpe:/a:fedoraproject:fedora:thunderbird-lightning", "p-cpe:/a:fedoraproject:fedora:xulrunner", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2011-17400.NASL", "href": "https://www.tenable.com/plugins/nessus/57389", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2011-17400.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57389);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(51133, 51134, 51135, 51136, 51137, 51138, 51139);\n script_xref(name:\"FEDORA\", value:\"2011-17400\");\n\n script_name(english:\"Fedora 16 : firefox-9.0-3.fc16 / nss-3.13.1-9.fc16 / nss-softokn-3.13.1-14.fc16 / etc (2011-17400)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The latest version of Firefox and Thunderbird have the following\nchanges :\n\n - Added Type Inference, significantly improving JavaScript\n performance\n\n - Added support for querying Do Not Track status via\n JavaScript\n\n - Added support for font-stretch\n\n - Improved support for text-overflow\n\n - Improved standards support for HTML5, MathML, and CSS\n\n - Fixed several stability issues\n\n - Fixed several security issues\n\nUpdate nss to 3.13.1\n\nYou can find the new features and bug fixes in NSS 3.13 and 3.13.1\nwith these Bugzilla queries :\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI\nXED&classification=Components&query_format=advanced&target_milestone=3\n.13&product=NSS\n\nand\n\nhttps://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FI\nXED&classification=Components&query_format=advanced&target_milestone=3\n.13.1&product=NSS\n\nNotable changes include :\n\n1. SSL 2.0 is disabled by default.\n\n2. A defense against the SSL 3.0 and TLS 1.0 CBC chosen plaintext\nattack demonstrated by Rizzo and Duong (CVE-2011-3389) is enabled by\ndefault. Set the SSL_CBC_RANDOM_IV SSL option to PR_FALSE to disable\nit.\n\n3. SHA-224 is supported.\n\n4. Added PORT_ErrorToString and PORT_ErrorToName to return the error\nmessage and symbolic name of an NSS error code.\n\n5. Added NSS_GetVersion to return the NSS version string.\n\n6. Added experimental support of RSA-PSS to the softoken only\n(contributed by Hanno Bock, http://rsapss.hboeck.de/).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://rsapss.hboeck.de/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://rsapss.hboeck.de/\"\n );\n # https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13&product=NSS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c50d6ac0\"\n );\n # https://bugzilla.mozilla.org/buglist.cgi?list_id=1496878&resolution=FIXED&classification=Components&query_format=advanced&target_milestone=3.13.1&product=NSS\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?132ae2a7\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071320.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1fa18268\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071321.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?92f4593c\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071322.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a6791be1\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071323.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?05d0db8f\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071324.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b974e724\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071325.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?af682fa6\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2011-December/071326.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?01c5fc18\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:firefox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-softokn\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nss-util\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:thunderbird-lightning\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xulrunner\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"firefox-9.0-3.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-3.13.1-9.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-softokn-3.13.1-14.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"nss-util-3.13.1-3.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"thunderbird-9.0-4.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"thunderbird-lightning-1.1-0.1.rc1.fc16\")) flag++;\nif (rpm_check(release:\"FC16\", reference:\"xulrunner-9.0-2.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"firefox / nss / nss-softokn / nss-util / thunderbird / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:24", "description": "According to its SIP banner, the version of Asterisk running on the remote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST, exists in the SSL 3.0 and TLS 1.0 protocols due to a flaw in the way the initialization vector (IV) is selected when operating in cipher-block chaining (CBC) modes. A man-in-the-middle attacker can exploit this to obtain plaintext HTTP header data, by using a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, the Java URLConnection API, or the Silverlight WebClient API. (CVE-2011-3389)\n\n - An integer overflow condition exists in sip.conf due to improper validation of user-supplied input when handling 'timert1' values. A remote attacker can exploit this to cause a denial of service.\n\n - An unspecified flaw exists due to improper handling of FAT data in UDPTL packets. A remote attacker can exploit this to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2016-02-12T00:00:00", "type": "nessus", "title": "Asterisk Multiple Vulnerabilities (AST-2016-001 - AST-2016-003) (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:digium:asterisk"], "id": "ASTERISK_AST_2016_003.NASL", "href": "https://www.tenable.com/plugins/nessus/88715", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88715);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_bugtraq_id(\n 49778,\n 82651,\n 82656,\n 82670\n );\n script_xref(name:\"CERT\", value:\"864643\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Asterisk Multiple Vulnerabilities (AST-2016-001 - AST-2016-003) (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A telephony application running on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its SIP banner, the version of Asterisk running on the\nremote host is affected by the following vulnerabilities :\n\n - An information disclosure vulnerability, known as BEAST,\n exists in the SSL 3.0 and TLS 1.0 protocols due to a\n flaw in the way the initialization vector (IV) is\n selected when operating in cipher-block chaining (CBC)\n modes. A man-in-the-middle attacker can exploit this\n to obtain plaintext HTTP header data, by using a\n blockwise chosen-boundary attack (BCBA) on an HTTPS\n session, in conjunction with JavaScript code that uses\n the HTML5 WebSocket API, the Java URLConnection API,\n or the Silverlight WebClient API. (CVE-2011-3389)\n\n - An integer overflow condition exists in sip.conf due to\n improper validation of user-supplied input when handling\n 'timert1' values. A remote attacker can exploit this to\n cause a denial of service.\n\n - An unspecified flaw exists due to improper handling of\n FAT data in UDPTL packets. A remote attacker can exploit\n this to cause a denial of service.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-001.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-002.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://downloads.asterisk.org/pub/security/AST-2016-003.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2011/09/23/chromeandbeast.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Asterisk version 11.21.1 / 13.7.1 / 11.6-cert12 /\n13.1-cert3. Alternatively, apply the appropriate patch referenced in\nthe vendor advisories.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/12\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:digium:asterisk\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"asterisk_detection.nasl\");\n script_require_keys(\"asterisk/sip_detected\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nget_kb_item_or_exit(\"asterisk/sip_detected\");\n\nasterisk_kbs = get_kb_list_or_exit(\"sip/asterisk/*/version\");\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\nis_vuln = FALSE;\nnot_vuln_installs = make_list();\nerrors = make_list();\n\nforeach kb_name (keys(asterisk_kbs))\n{\n vulnerable = 0;\n patch_only = FALSE;\n\n matches = eregmatch(pattern:\"/(udp|tcp)/([0-9]+)/version\", string:kb_name);\n if (isnull(matches))\n {\n errors = make_list(errors, \"Unexpected error parsing port number from '\"+kb_name+\"'.\");\n continue;\n }\n\n proto = matches[1];\n port = matches[2];\n version = asterisk_kbs[kb_name];\n\n if (version == 'unknown')\n {\n errors = make_list(errors, \"Unable to obtain version of install on \" + proto + \"/\" + port + \".\");\n continue;\n }\n\n banner = get_kb_item(\"sip/asterisk/\" + proto + \"/\" + port + \"/source\");\n if (!banner)\n {\n # We have version but banner is missing;\n # log error and use in version-check though.\n errors = make_list(errors, \"KB item 'sip/asterisk/\" + proto + \"/\" + port + \"/source' is missing.\");\n banner = 'unknown';\n }\n\n # Open Source 1.8.x\n # Patch does not change version.\n if (version =~ \"^1\\.8([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Open Source 11.x\n if (version =~ \"^11([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"11.21.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Open Source 12.x\n # Patch does not change version\n else if (version =~ \"^12([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Open Source 13.x\n else if (version =~ \"^13([^0-9]|$)\" && \"cert\" >!< tolower(version))\n {\n fixed = \"13.7.1\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 1.8.28-certx\n # Patch does not change version.\n else if (version =~ \"^1\\.8\\.28([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"See vendor for patch information.\";\n patch_only = TRUE;\n }\n\n # Asterisk Certified 11.6-certx\n else if (version =~ \"^11\\.6([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"11.6-cert12\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n # Asterisk Certified 13.1-certx < 13.1-cert2\n else if (version =~ \"^13\\.1([^0-9])\" && \"cert\" >< tolower(version))\n {\n fixed = \"13.1-cert3\";\n vulnerable = ver_compare(ver:version, fix:fixed, app:\"asterisk\");\n }\n\n if (vulnerable < 0 || patch_only == TRUE)\n {\n is_vuln = TRUE;\n if (report_verbosity > 0)\n {\n report =\n '\\n Version source : ' + banner +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed +\n '\\n';\n security_warning(port:port, proto:proto, extra:report);\n }\n else security_warning(port:port, proto:proto);\n }\n else not_vuln_installs = make_list(not_vuln_installs, version + \" on port \" + proto + \"/\" + port);\n}\n\nif (max_index(errors))\n{\n if (max_index(errors) == 1) errmsg = errors[0];\n else errmsg = 'Errors were encountered verifying installs : \\n ' + join(errors, sep:'\\n ');\n\n exit(1, errmsg);\n}\nelse\n{\n installs = max_index(not_vuln_installs);\n if (installs == 0)\n {\n if (is_vuln) exit(0);\n else audit(AUDIT_NOT_INST, \"Asterisk\");\n }\n else audit(AUDIT_INST_VER_NOT_VULN, \"Asterisk\", not_vuln_installs);\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:19:14", "description": "NSS_NSPR_JSS 3.13.1 Solaris: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 M.\nDate this patch was last updated by Sun : Feb/08/12", "cvss3": {}, "published": "2018-03-12T00:00:00", "type": "nessus", "title": "Solaris 10 (sparc) : 125358-15 (BEAST)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2022-12-05T00:00:00", "cpe": ["p-cpe:/a:oracle:solaris:10:125358", "cpe:/o:oracle:solaris:10"], "id": "SOLARIS10_125358-15.NASL", "href": "https://www.tenable.com/plugins/nessus/107424", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text in this plugin was\n# extracted from the Oracle SunOS Patch Updates.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(107424);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-3389\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"Solaris 10 (sparc) : 125358-15 (BEAST)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing Sun Security Patch number 125358-15\");\n script_set_attribute(attribute:\"description\", value:\n\"NSS_NSPR_JSS 3.13.1 Solaris: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 M.\nDate this patch was last updated by Sun : Feb/08/12\");\n script_set_attribute(attribute:\"see_also\", value:\"https://getupdates.oracle.com/readme/125358-15\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install patch 125358-15 or higher\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-3389\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:solaris:10:125358\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:solaris:10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Solaris Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Solaris/showrev\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"solaris.inc\");\n\nshowrev = get_kb_item(\"Host/Solaris/showrev\");\nif (empty_or_null(showrev)) audit(AUDIT_OS_NOT, \"Solaris\");\nos_ver = pregmatch(pattern:\"Release: (\\d+.(\\d+))\", string:showrev);\nif (empty_or_null(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Solaris\");\nfull_ver = os_ver[1];\nos_level = os_ver[2];\nif (full_ver != \"5.10\") audit(AUDIT_OS_NOT, \"Solaris 10\", \"Solaris \" + os_level);\npackage_arch = pregmatch(pattern:\"Application architecture: (\\w+)\", string:showrev);\nif (empty_or_null(package_arch)) audit(AUDIT_UNKNOWN_ARCH);\npackage_arch = package_arch[1];\nif (package_arch != \"sparc\") audit(AUDIT_ARCH_NOT, \"sparc\", package_arch);\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWjss\", version:\"4.2.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWpr\", version:\"4.6.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWprd\", version:\"4.6.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtls\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtlsd\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\nif (solaris_check_patch(release:\"5.10\", arch:\"sparc\", patch:\"125358-15\", obsoleted_by:\"\", package:\"SUNWtlsu\", version:\"3.11.4,REV=2006.11.16.20.40\") < 0) flag++;\n\nif (flag) {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : solaris_get_report()\n );\n} else {\n patch_fix = solaris_patch_fix_get();\n if (!empty_or_null(patch_fix)) audit(AUDIT_PATCH_INSTALLED, patch_fix, \"Solaris 10\");\n tested = solaris_pkg_tests_get();\n if (!empty_or_null(tested)) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n audit(AUDIT_PACKAGE_NOT_INSTALLED, \"SUNWjss / SUNWpr / SUNWprd / SUNWtls / SUNWtlsd / SUNWtlsu\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:23:55", "description": "According to its self-reported version number, the Apache Tomcat instance listening on the remote host is prior to 6.0.13. It is, therefore, affected by the following vulnerabilities :\n\n - Requests containing multiple 'content-length' headers are not rejected as invalid. This error can allow web-cache poisoning, cross-site scripting attacks and information disclosure. (CVE-2005-2090)\n\n - The remote Apache Tomcat install may be vulnerable to a cross-site scripting attack if the JSP and Servlet examples are enabled. Several of these examples do not properly validate user input. (CVE-2007-1355)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2011-11-18T00:00:00", "type": "nessus", "title": "Apache Tomcat < 6.0.13 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2005-2090", "CVE-2007-1355"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:apache:tomcat"], "id": "TOMCAT_6_0_13.NASL", "href": "https://www.tenable.com/plugins/nessus/17728", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(17728);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\"CVE-2005-2090\", \"CVE-2007-1355\");\n script_bugtraq_id(13873, 24058);\n\n script_name(english:\"Apache Tomcat < 6.0.13 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Apache Tomcat server is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Apache Tomcat\ninstance listening on the remote host is prior to 6.0.13. It is,\ntherefore, affected by the following vulnerabilities :\n\n - Requests containing multiple 'content-length' headers\n are not rejected as invalid. This error can allow\n web-cache poisoning, cross-site scripting attacks and\n information disclosure. (CVE-2005-2090)\n\n - The remote Apache Tomcat install may be vulnerable to\n a cross-site scripting attack if the JSP and Servlet\n examples are enabled. Several of these examples do\n not properly validate user input. (CVE-2007-1355)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.11\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Apache Tomcat version 6.0.13 or later.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2005-2090\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2005/06/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/05/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:apache:tomcat\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2011-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"tomcat_error_version.nasl\", \"tomcat_win_installed.nbin\", \"apache_tomcat_nix_installed.nbin\");\n script_require_keys(\"installed_sw/Apache Tomcat\");\n\n exit(0);\n}\n\ninclude(\"tomcat_version.inc\");\n\ntomcat_check_version(fixed:\"6.0.13\", min:\"6.0.0\", severity:SECURITY_WARNING, xss:TRUE, granularity_regex:\"^6(\\.0)?$\");\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:03:33", "description": "The version of IBM Domino (formerly Lotus Domino) installed on the remote host is affected by a man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.", "cvss3": {}, "published": "2016-04-14T00:00:00", "type": "nessus", "title": "IBM Domino SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-23T00:00:00", "cpe": ["cpe:/a:ibm:domino"], "id": "IBM_DOMINO_SWG21693142.NASL", "href": "https://www.tenable.com/plugins/nessus/90512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(90512);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/23\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"IBM Domino SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The application installed on the remote host is affected by an\ninformation disclosure vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of IBM Domino (formerly Lotus Domino) installed on the\nremote host is affected by a man-in-the-middle (MitM) information\ndisclosure vulnerability, known as POODLE, due to the way SSL 3.0\nhandles padding bytes when decrypting messages encrypted using block\nciphers in cipher block chaining (CBC) mode. A MitM attacker can\ndecrypt a selected byte of a cipher text in as few as 256 tries if\nthey are able to force a victim application to repeatedly send the\nsame data over newly created SSL 3.0 connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www-01.ibm.com/support/docview.wss?uid=swg21693142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade IBM Domino according to the advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3566\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ibm:domino\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2016-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"lotus_domino_installed.nasl\");\n script_require_keys(\"installed_sw/IBM Domino\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\n\nappname = 'IBM Domino';\nget_install_count(app_name:appname, exit_if_zero:TRUE);\n\nport = get_kb_item('SMB/transport');\nif (isnull(port)) port = 445;\n\ninstall = get_single_install(app_name:appname, exit_if_unknown_ver:TRUE);\npath = install['path'];\n\nif (!empty_or_null(install['version']))\n domino_ver = install['version'];\nelse\n audit(AUDIT_UNKNOWN_APP_VER, appname);\n\nif (!empty_or_null(install['Java Version']))\n java_ver = install['Java Version'];\nelse\n audit(AUDIT_VER_FAIL, \"jvm.dll\");\n\nvuln = FALSE ;\n# Fixed versions\nif(domino_ver =~ \"^8\\.5\\.3\"){\n domino_fix_raw = \"8.5.36.14345\";\n domino_fix = '8.5.3 FP6 IF6';\n java_fix = '2.4.2.24084';\n}\nif(domino_ver =~ \"^9\\.0\\.0\"){\n domino_fix_raw = \"9.0.0.14349\";\n domino_fix = '9.0 IF7';\n java_fix = '2.4.1.60531';\n}\nif(domino_ver =~ \"^9\\.0\\.1\"){\n domino_fix_raw = \"9.0.10.13287\";\n domino_fix = '9.0.1 FP2 IF3';\n java_fix = '2.4.2.65501';\n}\n\nif (ver_compare(ver:domino_ver, fix:domino_fix_raw, strict:FALSE) < 0 ||\n ver_compare(ver:java_ver, fix:java_fix, strict:FALSE) < 0){\n vuln = TRUE;\n}else{\n audit(AUDIT_INST_VER_NOT_VULN, \"IBM Domino \", domino_ver);\n}\n\n\nif(vuln){\n report =\n 'The version of IBM Domino is vulnerable to TLS Padding attacks:' + \n '\\n Path : ' + path +\n '\\n Domino installed version : ' + domino_ver +\n '\\n Domino installed java : ' + java_ver +\n '\\n Domino fixed version : ' + domino_fix +\n '\\n Java fixed version : ' + java_fix +\n '\\n' ;\n security_report_v4(port:port, extra:report, severity:SECURITY_WARNING);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"IBM Domino \", domino_ver, path);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:12:55", "description": "From Red Hat Security Advisory 2014:1653 :\n\nUpdated openssl packages that contain a backported patch to mitigate the CVE-2014-3566 issue are now available for Red Hat Enterprise Linux 5.\n\nRed Hat Product Security has rated this update as having Moderate security impact.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL), Transport Layer Security (TLS), and Datagram Transport Layer Security (DTLS) protocols, as well as a full-strength, general purpose cryptography library.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite Value (TLS_FALLBACK_SCSV), which can be used to prevent protocol downgrade attacks against applications which re-connect using a lower SSL/TLS protocol version when the initial connection indicating the highest supported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle attack when using block cipher suites in cipher block chaining (CBC) mode. This issue is identified as CVE-2014-3566, and also known under the alias POODLE. This SSL 3.0 protocol flaw will not be addressed in a future update; it is recommended that users configure their applications to require at least TLS protocol version 1.0 for secure communication.\n\nFor additional information about this flaw, see the Knowledgebase article at https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages, which contain a backported patch to mitigate the CVE-2014-3566 issue.\nFor the update to take effect, all services linked to the OpenSSL library (such as httpd and other SSL-enabled services) must be restarted or the system rebooted.", "cvss3": {}, "published": "2014-10-17T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : openssl (ELSA-2014-1653) (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-23T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:openssl", "p-cpe:/a:oracle:linux:openssl-devel", "p-cpe:/a:oracle:linux:openssl-perl", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2014-1653.NASL", "href": "https://www.tenable.com/plugins/nessus/78530", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2014:1653 and \n# Oracle Linux Security Advisory ELSA-2014-1653 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78530);\n script_version(\"1.24\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/23\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(\n 67899,\n 67901,\n 69075,\n 69076,\n 69081,\n 69082,\n 70574\n );\n script_xref(name:\"RHSA\", value:\"2014:1653\");\n\n script_name(english:\"Oracle Linux 5 : openssl (ELSA-2014-1653) (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"From Red Hat Security Advisory 2014:1653 :\n\nUpdated openssl packages that contain a backported patch to mitigate\nthe CVE-2014-3566 issue are now available for Red Hat Enterprise Linux\n5.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact.\n\nOpenSSL is a toolkit that implements the Secure Sockets Layer (SSL),\nTransport Layer Security (TLS), and Datagram Transport Layer Security\n(DTLS) protocols, as well as a full-strength, general purpose\ncryptography library.\n\nThis update adds support for the TLS Fallback Signaling Cipher Suite\nValue (TLS_FALLBACK_SCSV), which can be used to prevent protocol\ndowngrade attacks against applications which re-connect using a lower\nSSL/TLS protocol version when the initial connection indicating the\nhighest supported protocol version fails.\n\nThis can prevent a forceful downgrade of the communication to SSL 3.0.\nThe SSL 3.0 protocol was found to be vulnerable to the padding oracle\nattack when using block cipher suites in cipher block chaining (CBC)\nmode. This issue is identified as CVE-2014-3566, and also known under\nthe alias POODLE. This SSL 3.0 protocol flaw will not be addressed in\na future update; it is recommended that users configure their\napplications to require at least TLS protocol version 1.0 for secure\ncommunication.\n\nFor additional information about this flaw, see the Knowledgebase\narticle at https://access.redhat.com/articles/1232123\n\nAll OpenSSL users are advised to upgrade to these updated packages,\nwhich contain a backported patch to mitigate the CVE-2014-3566 issue.\nFor the update to take effect, all services linked to the OpenSSL\nlibrary (such as httpd and other SSL-enabled services) must be\nrestarted or the system rebooted.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://oss.oracle.com/pipermail/el-errata/2014-October/004532.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected openssl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3566\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:openssl-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"openssl-0.9.8e-31.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-devel-0.9.8e-31.el5_11\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"openssl-perl-0.9.8e-31.el5_11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openssl / openssl-devel / openssl-perl\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:11:38", "description": "Updated node.js packages that fix one security issue are now available for Red Hat OpenShift Enterprise 2.1.\n\nRed Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nOpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.\n\nNode.js is a software development platform for building fast and scalable network applications in the JavaScript programming language.\n\nA flaw was found in the way SSL 3.0 handled padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. This flaw allows a man-in-the-middle (MITM) attacker to decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.\n(CVE-2014-3566)\n\nAll OpenShift Enterprise users are advised to upgrade to these updated packages, which correct this issue.", "cvss3": {}, "published": "2018-12-04T00:00:00", "type": "nessus", "title": "RHEL 6 : node.js (RHSA-2015:1545) (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-28T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-proxy", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2015-1545.NASL", "href": "https://www.tenable.com/plugins/nessus/119358", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1545. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119358);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/28\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"RHSA\", value:\"2015:1545\");\n\n script_name(english:\"RHEL 6 : node.js (RHSA-2015:1545) (POODLE)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated node.js packages that fix one security issue are now available\nfor Red Hat OpenShift Enterprise 2.1.\n\nRed Hat Product Security has rated this update as having Important\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nOpenShift Enterprise by Red Hat is the company's cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or\nprivate cloud deployments.\n\nNode.js is a software development platform for building fast and\nscalable network applications in the JavaScript programming language.\n\nA flaw was found in the way SSL 3.0 handled padding bytes when\ndecrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. This flaw allows a man-in-the-middle (MITM)\nattacker to decrypt a selected byte of a cipher text in as few as 256\ntries if they are able to force a victim application to repeatedly\nsend the same data over newly created SSL 3.0 connections.\n(CVE-2014-3566)\n\nAll OpenShift Enterprise users are advised to upgrade to these updated\npackages, which correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1545\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2014-3566\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected openshift-origin-node-proxy package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-origin-node-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/08/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/04\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1545\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", reference:\"openshift-origin-node-proxy-1.22.3.4-1.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openshift-origin-node-proxy\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:13:15", "description": "The remote Mac OS X 10.9 host has a version of OS X Server installed that is prior to version 3.2.2. It is, therefore, affected by an information disclosure vulnerability.\n\nAn error exists related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A man-in-the-middle attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections. This is also known as the 'POODLE' issue.", "cvss3": {}, "published": "2014-10-21T00:00:00", "type": "nessus", "title": "Mac OS X : OS X Server < 3.2.2 SSLv3 Information Disclosure (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-23T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x_server"], "id": "MACOSX_SERVER_3_2_2.NASL", "href": "https://www.tenable.com/plugins/nessus/78600", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78600);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/23\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2014-10-16-4\");\n\n script_name(english:\"Mac OS X : OS X Server < 3.2.2 SSLv3 Information Disclosure (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a security update for OS X Server.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Mac OS X 10.9 host has a version of OS X Server installed\nthat is prior to version 3.2.2. It is, therefore, affected by an\ninformation disclosure vulnerability.\n\nAn error exists related to the way SSL 3.0 handles padding bytes when\ndecrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A man-in-the-middle attacker can decrypt a\nselected byte of a cipher text in as few as 256 tries if they are able\nto force a victim application to repeatedly send the same data over\nnewly created SSL 3.0 connections. This is also known as the 'POODLE'\nissue.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.apple.com/kb/HT6527\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.securityfocus.com/archive/1/533724/30/0/threaded\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Mac OS X Server version 3.2.2 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3566\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x_server\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"macosx_server_services.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/MacOSX/Version\", \"MacOSX/Server/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nos = get_kb_item(\"Host/MacOSX/Version\");\nif (!os) audit(AUDIT_OS_NOT, \"Mac OS X\");\n\nif (!ereg(pattern:\"Mac OS X 10\\.9([^0-9]|$)\", string:os)) audit(AUDIT_OS_NOT, \"Mac OS X 10.9\");\n\nversion = get_kb_item_or_exit(\"MacOSX/Server/Version\");\n\nfixed_version = \"3.2.2\";\nif (ver_compare(ver:version, fix:fixed_version, strict:FALSE) == -1)\n{\n if (report_verbosity > 0)\n {\n report =\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version + \n '\\n';\n security_warning(port:0, extra:report);\n }\n else security_warning(0);\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, \"OS X Server\", version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:13:24", "description": "The remote host is missing one of the workarounds referenced in the Microsoft Security Advisory 3009008.\n\nIf the client registry key workaround has not been applied, any client software installed on the remote host (including IE) is affected by an information disclosure vulnerability when using SSL 3.0.\n\nIf the server registry key workaround has not been applied, any server software installed on the remote host (including IIS) is affected by an information disclosure vulnerability when using SSL 3.0.\n\nSSL 3.0 uses nondeterministic CBC padding, which allows a man-in-the-middle attacker to decrypt portions of encrypted traffic using a 'padding oracle' attack. This is also known as the 'POODLE' issue.", "cvss3": {}, "published": "2014-10-15T00:00:00", "type": "nessus", "title": "MS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-23T00:00:00", "cpe": ["cpe:/o:microsoft:windows", "cpe:/a:microsoft:ie"], "id": "SMB_KB3009008.NASL", "href": "https://www.tenable.com/plugins/nessus/78447", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(78447);\n script_version(\"1.28\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/23\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n script_xref(name:\"MSKB\", value:\"3009008\");\n\n script_name(english:\"MS KB3009008: Vulnerability in SSL 3.0 Could Allow Information Disclosure (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is affected by a remote information disclosure\nvulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is missing one of the workarounds referenced in the\nMicrosoft Security Advisory 3009008.\n\nIf the client registry key workaround has not been applied, any client\nsoftware installed on the remote host (including IE) is affected by an\ninformation disclosure vulnerability when using SSL 3.0.\n\nIf the server registry key workaround has not been applied, any server\nsoftware installed on the remote host (including IIS) is affected by\nan information disclosure vulnerability when using SSL 3.0.\n\nSSL 3.0 uses nondeterministic CBC padding, which allows a\nman-in-the-middle attacker to decrypt portions of encrypted traffic\nusing a 'padding oracle' attack. This is also known as the 'POODLE'\nissue.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://docs.microsoft.com/en-us/security-updates/SecurityAdvisories/2015/3009008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.microsoft.com/en-us/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protoc\");\n # https://security.googleblog.com/2014/10/this-poodle-bites-exploiting-ssl-30.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f3bc3182\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the client registry key workaround and the server registry key\nworkaround suggested by Microsoft in the advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:TF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3566\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/10/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:microsoft:windows\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:microsoft:ie\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"smb_hotfixes.nasl\");\n script_require_keys(\"SMB/Registry/Enumerated\", \"SMB/WindowsVersion\", \"SMB/IE/Version\");\n script_require_ports(139, 445);\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude(\"smb_hotfixes.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"smb_hotfixes_fcheck.inc\");\ninclude(\"smb_reg_query.inc\");\n\nif (hotfix_check_sp_range(win2003:'2', vista:'2', win7:'1', win8:'0', win81:'0') <= 0) audit(AUDIT_OS_SP_NOT_VULN);\n\nie_version = get_kb_item_or_exit(\"SMB/IE/Version\");\n\nregistry_init();\n\n# check mitigation per user\nhku = registry_hive_connect(hive:HKEY_USERS, exit_on_fail:TRUE);\nsubkeys = get_registry_subkeys(handle:hku, key:'');\n\nforeach key (subkeys)\n{\n if ('.DEFAULT' >< key || 'Classes' >< key ||\n key =~ \"^S-1-5-\\d{2}$\") # skip built-in accounts\n continue;\n\n mitigation = FALSE;\n\n key_protocols = '\\\\Software\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\SecureProtocols';\n value = get_registry_value(handle:hku, item:key + key_protocols);\n\n if (isnull(value))\n {\n # By default this key won't exist and SSLv3 will be enabled\n # Once a user toggles any of the protocols, this key is created and contains the correct bitmask\n mitigation = FALSE;\n }\n\n# The SSLv3 flag is 32 (0x020).\n else if ((value & 0x020) == 0)\n mitigation = TRUE;\n\n if (!mitigation)\n info_user_settings += '\\n ' + key + ' (SSLv3 Enabled)';\n}\n\nRegCloseKey(handle:hku);\n\nhklm = registry_hive_connect(hive:HKEY_LOCAL_MACHINE, exit_on_fail:TRUE);\n\nvalue = get_registry_value(handle:hklm, item:'Software\\\\Policies\\\\Microsoft\\\\Windows\\\\CurrentVersion\\\\Internet Settings\\\\SecureProtocols');\n\nif (!isnull(value) && ((value & 0x020) == 0))\n info_user_settings = ''; # mitigated by group policy which overrides user settings\n\n# if this doesn't exist, it is enabled\n# if this does exit and isn't 0, it is enabled\nvalue = get_registry_value(handle:hklm, item:'SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 3.0\\\\Server\\\\Enabled');\nif (isnull(value) || int(value) != 0)\n server_ssl3_enabled = TRUE;\nelse\n server_ssl3_enabled = FALSE;\n\n# if this doesn't exist, it is enabled\n# if this does exit and isn't 0, it is enabled\nvalue = get_registry_value(handle:hklm, item:'SYSTEM\\\\CurrentControlSet\\\\Control\\\\SecurityProviders\\\\SCHANNEL\\\\Protocols\\\\SSL 3.0\\\\Client\\\\Enabled');\nif (isnull(value) || int(value) != 0)\n client_ssl3_enabled = TRUE;\nelse\n client_ssl3_enabled = FALSE;\n\nif (!client_ssl3_enabled && !server_ssl3_enabled)\n set_kb_item(name:\"SMB/ssl_v3_poodle_workaround_enabled\", value:TRUE);\nelse\n set_kb_item(name:\"SMB/ssl_v3_poodle_workaround_enabled\", value:FALSE);\n\nRegCloseKey(handle:hklm);\n\nclose_registry();\n\nif (client_ssl3_enabled || server_ssl3_enabled)\n{\n port = kb_smb_transport();\n\n if (report_verbosity > 0)\n {\n report = '';\n if (server_ssl3_enabled)\n {\n report +=\n '\\n' + 'The workaround to disable SSL 3.0 for all server software installed on' +\n '\\n' + 'the remote host has not been applied.' +\n '\\n';\n }\n\n if (client_ssl3_enabled)\n {\n report +=\n '\\n' + 'The workaround to disable SSL 3.0 for all client software installed on' +\n '\\n' + 'the remote host has not been applied.' +\n '\\n';\n\n if (info_user_settings != '')\n {\n report +=\n '\\n' + 'The following users on the remote host have vulnerable IE settings :' +\n '\\n' + info_user_settings +\n '\\n';\n }\n }\n\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse exit(0, \"The host is not affected since a workaround has been applied.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:15:59", "description": "The remote Cisco Wireless LAN Controller (WLC) is affected by an information disclosure vulnerability known as POODLE. The vulnerability is due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. MitM attackers can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.", "cvss3": {}, "published": "2014-12-03T00:00:00", "type": "nessus", "title": "Cisco Wireless LAN Controllers 5500 Series (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-23T00:00:00", "cpe": ["cpe:/o:cisco:wireless_lan_controller_software", "cpe:/h:cisco:wireless_lan_controller"], "id": "CISCO-SA-20141015-POODLE-WLC.NASL", "href": "https://www.tenable.com/plugins/nessus/79690", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79690);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/23\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n script_xref(name:\"CISCO-SA\", value:\"cisco-sa-20141015-poodle\");\n script_xref(name:\"CISCO-BUG-ID\", value:\"CSCur27551\");\n\n script_name(english:\"Cisco Wireless LAN Controllers 5500 Series (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Cisco Wireless LAN Controller (WLC) is affected by an\ninformation disclosure vulnerability known as POODLE. The\nvulnerability is due to the way SSL 3.0 handles padding bytes when\ndecrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. MitM attackers can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.\");\n # https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20141015-poodle.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f86217b4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the relevant patch referenced in Cisco bug CSCur27551 or contact\nthe vendor regarding patch options.\n\nAlternatively, to mitigate this issue, FIPS mode can be enabled with\nthe following command 'config switchconfig fips-prerequisite enable'.\nNote that this change can affect the operation of other features.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:TF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2014-3566\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/10/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:cisco:wireless_lan_controller_software\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:cisco:wireless_lan_controller\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CISCO\");\n\n script_copyright(english:\"This script is Copyright (C) 2014-2023 Tenable Network Security, Inc.\");\n\n script_dependencies(\"cisco_wlc_version.nasl\");\n script_require_keys(\"Host/Cisco/WLC/Version\", \"Host/Cisco/WLC/Port\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Host/Cisco/WLC/Version\");\nmodel = get_kb_item_or_exit(\"Host/Cisco/WLC/Model\");\nport = get_kb_item_or_exit(\"Host/Cisco/WLC/Port\");\n\n# Only 5500 series\nif (model !~ \"(^|[^0-9])55\\d\\d($|[^0-9])\") audit(AUDIT_HOST_NOT, \"Cisco 5500 Series Wireless Controller\");\n\n######################\n# Known Affected :\n# 7.0(250.0)\n# 7.4(121.0)\n# 7.6(130.0)\n# 8.0(100.0)\n######################\n# Known Fixed :\n# 7.0(241.14)\n# 7.5(102.28)\n# 7.6(130.13)\n# 8.0(102.37)\n# 8.1(10.51)\n######################\n\nfixed_version = \"\";\nif (version == \"7.0.250.0\") fixed_version = \"See solution.\";\nelse if (version == \"7.4.121.0\") fixed_version = \"7.5.102.28\";\nelse if (version == \"7.6.130.0\") fixed_version = \"7.6.130.13\";\nelse if (version == \"8.0.100.0\") fixed_version = \"8.0.102.37 / 8.1.10.51\";\nelse audit(AUDIT_HOST_NOT, \"affected\");\n\nif (report_verbosity > 0)\n{\n report =\n '\\n Model : ' + model +\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fixed_version +\n '\\n';\n security_warning(port:port, extra:report);\n}\nelse security_warning(port);\n\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:16:06", "description": "This release handles the recent POODLE vulnerability by disabling SSLv2/SSLv3 by default for the most predominate uses of TLS in Node.js.\n\nIt took longer than expected to get this release accomplished in a way that would provide appropriate default security settings, while minimizing the surface area for the behavior change we were introducing. It was also important that we validated that our changes were being applied in the variety of configurations we support in our APIs.\n\nWith this release, we are confident that the only behavior change is that of the default allowed protocols do not include SSLv2 or SSLv3.\nThough you are still able to programatically consume those protocols if necessary.\n\nIncluded is the documentation that you can find at https://nodejs.org/api/tls.html#tls_protocol_support that describes how this works going forward for client and server implementations.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "Fedora 20 : libuv-0.10.29-1.fc20 / nodejs-0.10.33-1.fc20 (2014-15379) (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-28T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libuv", "p-cpe:/a:fedoraproject:fedora:nodejs", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-15379.NASL", "href": "https://www.tenable.com/plugins/nessus/79896", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-15379.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79896);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/28\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"FEDORA\", value:\"2014-15379\");\n\n script_name(english:\"Fedora 20 : libuv-0.10.29-1.fc20 / nodejs-0.10.33-1.fc20 (2014-15379) (POODLE)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This release handles the recent POODLE vulnerability by disabling\nSSLv2/SSLv3 by default for the most predominate uses of TLS in\nNode.js.\n\nIt took longer than expected to get this release accomplished in a way\nthat would provide appropriate default security settings, while\nminimizing the surface area for the behavior change we were\nintroducing. It was also important that we validated that our changes\nwere being applied in the variety of configurations we support in our\nAPIs.\n\nWith this release, we are confident that the only behavior change is\nthat of the default allowed protocols do not include SSLv2 or SSLv3.\nThough you are still able to programatically consume those protocols\nif necessary.\n\nIncluded is the documentation that you can find at\nhttps://nodejs.org/api/tls.html#tls_protocol_support that describes\nhow this works going forward for client and server implementations.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1152789\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146232.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d7ced4d\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-December/146233.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c76efe42\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://nodejs.org/api/tls.html#tls_protocol_support\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libuv and / or nodejs packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libuv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nodejs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/19\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"libuv-0.10.29-1.fc20\")) flag++;\nif (rpm_check(release:\"FC20\", reference:\"nodejs-0.10.33-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libuv / nodejs\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T14:59:07", "description": "lighttpd, a small webserver, is vulnerable to the POODLE attack via the use of SSLv3. This protocol is now disabled by default.", "cvss3": {}, "published": "2016-02-25T00:00:00", "type": "nessus", "title": "Debian DSA-3489-1 : lighttpd - security update (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-28T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:lighttpd", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-3489.NASL", "href": "https://www.tenable.com/plugins/nessus/88941", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-3489. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(88941);\n script_version(\"2.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/28\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_xref(name:\"DSA\", value:\"3489\");\n\n script_name(english:\"Debian DSA-3489-1 : lighttpd - security update (POODLE)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"lighttpd, a small webserver, is vulnerable to the POODLE attack via\nthe use of SSLv3. This protocol is now disabled by default.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=765702\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/lighttpd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2016/dsa-3489\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the lighttpd packages.\n\nFor the oldstable distribution (wheezy), this problem has been fixed\nin version 1.4.31-4+deb7u4.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:lighttpd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/02/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/02/25\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd\", reference:\"1.4.31-4+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd-doc\", reference:\"1.4.31-4+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd-mod-cml\", reference:\"1.4.31-4+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd-mod-magnet\", reference:\"1.4.31-4+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd-mod-mysql-vhost\", reference:\"1.4.31-4+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd-mod-trigger-b4-dl\", reference:\"1.4.31-4+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"lighttpd-mod-webdav\", reference:\"1.4.31-4+deb7u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:09:08", "description": "suseRegister was updated to fix one security issue :\n\n - POODLE: Ensure that only TLS is used. (CVE-2014-3566)", "cvss3": {}, "published": "2015-01-06T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : suseRegister (SAT Patch Number 10008)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-28T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:suseregister", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_SUSEREGISTER-141121.NASL", "href": "https://www.tenable.com/plugins/nessus/80390", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(80390);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/28\");\n\n script_cve_id(\"CVE-2014-3566\");\n\n script_name(english:\"SuSE 11.3 Security Update : suseRegister (SAT Patch Number 10008)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"suseRegister was updated to fix one security issue :\n\n - POODLE: Ensure that only TLS is used. (CVE-2014-3566)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=901757\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2014-3566.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 10008.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:suseRegister\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/11/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2023 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"suseRegister-1.4-1.35.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"suseRegister-1.4-1.35.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"suseRegister-1.4-1.35.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-09-26T15:22:34", "description": "A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining (CBC) mode. A MitM attacker can decrypt a selected byte of a cipher text in as few as 256 tries if they are able to force a victim application to repeatedly send the same data over newly created SSL 3.0 connections.", "cvss3": {}, "published": "2015-06-19T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 2 : nettcp (IV73418) (POODLE)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-3566"], "modified": "2023-06-26T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IV73418.NASL", "href": "https://www.tenable.com/plugins/nessus/84270", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84270);\n script_version(\"2.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/06/26\");\n\n script_cve_id(\"CVE-2014-3566\");\n script_bugtraq_id(70574);\n script_xref(name:\"CERT\", value:\"577193\");\n\n script_name(english:\"AIX 7.1 TL 2 : nettcp (IV73418) (POODLE)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AIX host is missing a security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"A man-in-the-middle (MitM) information disclosure vulnerability,\nknown as POODLE, exists due to the way SSL 3.0 handles padding bytes\nwhen decrypting messages encrypted using block ciphers in cipher block\nchaining (CBC) mode. A MitM attacker can decrypt a selected byte of a\ncipher text in as few as 256 tries if they are able to force a victim\napplication to repeatedly send the same data over newly created SSL\n3.0 connections.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://aix.software.ibm.com/aix/efixes/security/nettcp_advisory.asc\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.imperialviolet.org/2014/10/14/poodle.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.openssl.org/~bodo/ssl-poodle.pdf\");\n script_set_attribute(attribute:\"see_also\", value:\"https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00\");\n script_set_attribute(attribute:\"solution\", value:\n\"Install the appropriate interim fix.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2014/10/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/19\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"AIX Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2015-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\", \"Host/AIX/oslevelsp\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\noslevel = chomp(get_kb_item(\"Host/AIX/oslevelsp\"));\nif (isnull(oslevel)) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\noslevelparts = split(oslevel, sep:'-', keep:0);\nif ( max_index(oslevelparts) != 4 ) audit(AUDIT_UNKNOWN_APP_VER, \"AIX\");\nif ( oslevelparts[0] != \"7100\" || oslevelparts[1] != \"02\" || oslevelparts[2] != \"06\" ) audit(AUDIT_OS_NOT, \"AIX 7100-02-06\", \"AIX \" + oslevel);\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"06\", patch:\"(IV73418s6a|IV75645m6a)\", package:\"bos.net.tcp.client\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.2.19\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"02\", sp:\"06\", patch:\"(IV73418s6a|IV75645m6a)\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.0.0\", maxfilesetver:\"7.1.2.18\") < 0) flag++;\n\nif (flag)\n{\n aix_report_extra = ereg_replace(string:aix_report_get(), pattern:\"[()]\", replace:\"\");\n aix_report_extra = ereg_replace(string:aix_report_extra, pattern:\"[|]\", replace:\" or \");\n if (report_verbosity > 0) security_warning(port:0, extra:aix_report_extra);\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = aix_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"bos.net.tcp.client / bos.net.tcp.server\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "osv": [{"lastseen": "2023-06-28T06:34:34", "description": "\nThis update fixes certain known vulnerabilities in pound in squeeze-lts by\nbackporting the version in wheezy.\n\n\n* [CVE-2009-3555](https://security-tracker.debian.org/tracker/CVE-2009-3555)\nThe TLS protocol, and the SSL protocol 3.0 and possibly earlier, as\n used in Microsoft Internet Information Services (IIS) 7.0, mod\\_ssl\n in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,\n GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other products,\n does not properly associate renegotiation handshakes with an\n existing connection, which allows man-in-the-middle attackers to\n insert data into HTTPS sessions, and possibly other types of\n sessions protected by TLS or SSL, by sending an unauthenticated\n request that is processed retroactively by a server in a\n post-renegotiation context, related to a plaintext injection\n attack, aka the Project Mogul issue.\n* [CVE-2011-3389](https://security-tracker.debian.org/tracker/CVE-2011-3389)\nThe SSL protocol, as used in certain configurations in Microsoft\n Windows and Microsoft Internet Explorer, Mozilla Firefox, Google\n Chrome, Opera, and other products, encrypts data by using CBC mode\n with chained initialization vectors, which allows man-in-the-middle\n attackers to obtain plaintext HTTP headers via a blockwise\n chosen-boundary attack (BCBA) on an HTTPS session, in conjunction\n with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the\n Java URLConnection API, or (3) the Silverlight WebClient API, aka a\n BEAST attack.\n* [CVE-2012-4929](https://security-tracker.debian.org/tracker/CVE-2012-4929)\nThe TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google\n Chrome, Qt, and other products, can encrypt compressed data without\n properly obfuscating the length of the unencrypted data, which\n allows man-in-the-middle attackers to obtain plaintext HTTP headers\n by observing length differences during a series of guesses in which\n a string in an HTTP request potentially matches an unknown string in\n an HTTP header, aka a CRIME attack.\n* [CVE-2014-3566](https://security-tracker.debian.org/tracker/CVE-2014-3566)\nThe SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the POODLE issue.\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2016-01-24T00:00:00", "type": "osv", "title": "pound - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2023-06-28T06:33:55", "id": "OSV:DLA-400-1", "href": "https://osv.dev/vulnerability/DLA-400-1", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-06-28T06:36:48", "description": "\nPound, a HTTP reverse proxy and load balancer, had several issues\nrelated to vulnerabilities in the Secure Sockets Layer (SSL) protocol.\n\n\nFor Debian 7 (wheezy) this update adds a missing part to make it actually\npossible to disable client-initiated renegotiation and disables it by default\n([CVE-2009-3555](https://security-tracker.debian.org/tracker/CVE-2009-3555)).\nTLS compression is disabled ([CVE-2012-4929](https://security-tracker.debian.org/tracker/CVE-2012-4929)),\nalthough this is normally already disabled by the OpenSSL system library.\nFinally it adds the ability to disable the SSLv3 protocol ([CVE-2014-3566](https://security-tracker.debian.org/tracker/CVE-2014-3566))\nentirely via the new DisableSSLv3 configuration directive, although it\nwill not disabled by default in this update. Additionally a non-security\nsensitive issue in redirect encoding is\naddressed.\n\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation ([CVE-2009-3555](https://security-tracker.debian.org/tracker/CVE-2009-3555)).\nThis update addresses that issue for jessie.\n\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 2.6-2+deb7u1.\n\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.6-6+deb8u1.\n\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.6-6.1.\n\n\nWe recommend that you upgrade your pound packages.\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2015-05-07T00:00:00", "type": "osv", "title": "pound - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2023-06-28T06:35:58", "id": "OSV:DSA-3253-1", "href": "https://osv.dev/vulnerability/DSA-3253-1", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-09-18T23:46:45", "description": "Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"", "cvss3": {}, "published": "2022-05-01T02:04:54", "type": "osv", "title": "Tomcat Vulnerable to Web Cache Poisoning", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2023-09-18T23:42:52", "id": "OSV:GHSA-F2GQ-P6QV-CCW4", "href": "https://osv.dev/vulnerability/GHSA-f2gq-p6qv-ccw4", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-07-21T08:30:07", "description": "\nJuliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\nCRIME, allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.\n\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.7.67-3+squeeze3.\n\n\nFor the testing distribution (wheezy), and unstable distribution (sid),\nthis problem has been fixed in version 1.1.16-1.\n\n\nWe recommend that you upgrade your nginx packages.\n\n\n", "cvss3": {}, "published": "2013-02-17T00:00:00", "type": "osv", "title": "nginx - information leak", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2022-07-21T05:47:54", "id": "OSV:DSA-2627-1", "href": "https://osv.dev/vulnerability/DSA-2627-1", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-08-17T23:47:53", "description": "Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which allows remote attackers to trigger incorrect identification of a request's length and conduct request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a \"Transfer-Encoding: chunked\" header. NOTE: this vulnerability exists because of an incomplete fix for CVE-2005-2090.", "cvss3": {}, "published": "2022-05-14T01:10:36", "type": "osv", "title": "Apache Tomcat is vulnerable to HTTP request-smuggling", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090", "CVE-2013-4286"], "modified": "2023-08-17T23:47:43", "id": "OSV:GHSA-J448-J653-R3VJ", "href": "https://osv.dev/vulnerability/GHSA-j448-j653-r3vj", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2022-07-21T08:14:55", "description": "\nThis update allows to disable SSLv3 in lighttpd in order to protect\nagainst the POODLE attack. SSLv3 is now disabled by default and can be\nreenabled (if needed) using the ssl.use-sslv3 option.\n\n\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2015-07-25T00:00:00", "type": "osv", "title": "lighttpd - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2022-07-21T05:53:56", "id": "OSV:DLA-282-1", "href": "https://osv.dev/vulnerability/DLA-282-1", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "debian": [{"lastseen": "2023-02-14T20:53:25", "description": "Package : pound\nVersion : 2.6-1+deb6u1\nCVE ID : CVE-2009-3555 CVE-2011-3389 CVE-2012-4929 CVE-2014-3566\n\nThis update fixes certain known vulnerabilities in pound in squeeze-lts by\nbackporting the version in wheezy.\n\nCVE-2009-3555\n The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as\n used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl\n in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l,\n GnuTLS 2.8.5 and earlier, Mozilla Network Security Services (NSS)\n 3.12.4 and earlier, multiple Cisco products, and other products,\n does not properly associate renegotiation handshakes with an\n existing connection, which allows man-in-the-middle attackers to\n insert data into HTTPS sessions, and possibly other types of\n sessions protected by TLS or SSL, by sending an unauthenticated\n request that is processed retroactively by a server in a\n post-renegotiation context, related to a "plaintext injection"\n attack, aka the "Project Mogul" issue.\n\nCVE-2011-3389\n The SSL protocol, as used in certain configurations in Microsoft\n Windows and Microsoft Internet Explorer, Mozilla Firefox, Google\n Chrome, Opera, and other products, encrypts data by using CBC mode\n with chained initialization vectors, which allows man-in-the-middle\n attackers to obtain plaintext HTTP headers via a blockwise\n chosen-boundary attack (BCBA) on an HTTPS session, in conjunction\n with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the\n Java URLConnection API, or (3) the Silverlight WebClient API, aka a\n "BEAST" attack.\n\nCVE-2012-4929\n The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google\n Chrome, Qt, and other products, can encrypt compressed data without\n properly obfuscating the length of the unencrypted data, which\n allows man-in-the-middle attackers to obtain plaintext HTTP headers\n by observing length differences during a series of guesses in which\n a string in an HTTP request potentially matches an unknown string in\n an HTTP header, aka a "CRIME" attack.\n\nCVE-2014-3566\n The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other\n products, uses nondeterministic CBC padding, which makes it easier\n for man-in-the-middle attackers to obtain cleartext data via a\n padding-oracle attack, aka the "POODLE" issue.\n- -- \nBrian May <bam@debian.org>", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2016-01-24T04:50:54", "type": "debian", "title": "[SECURITY] [DLA 400-1] pound security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2011-3389", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2016-01-24T04:50:54", "id": "DEBIAN:DLA-400-1:76CCE", "href": "https://lists.debian.org/debian-lts-announce/2016/01/msg00025.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-05-02T16:20:26", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3253-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nMay 07, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : pound\nCVE ID : CVE-2009-3555 CVE-2012-4929 CVE-2014-3566\nDebian Bug : 723731 727197 765539 765649\n\nPound, a HTTP reverse proxy and load balancer, had several issues\nrelated to vulnerabilities in the Secure Sockets Layer (SSL) protocol.\n\nFor Debian 7 (wheezy) this update adds a missing part to make it\nactually possible to disable client-initiated renegotiation and\ndisables it by default (CVE-2009-3555). TLS compression is disabled\n(CVE-2012-4929), although this is normally already disabled by the OpenSSL\nsystem library. Finally it adds the ability to disable the SSLv3 protocol\n(CVE-2014-3566) entirely via the new "DisableSSLv3" configuration\ndirective, although it will not disabled by default in this update.\nAdditionally a non-security sensitive issue in redirect encoding is\naddressed.\n\nFor Debian 8 (jessie) these issues have been fixed prior to the release,\nwith the exception of client-initiated renegotiation (CVE-2009-3555).\nThis update addresses that issue for jessie.\n\nFor the oldstable distribution (wheezy), these problems have been fixed\nin version 2.6-2+deb7u1.\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 2.6-6+deb8u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 2.6-6.1.\n\nWe recommend that you upgrade your pound packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2015-05-07T19:39:51", "type": "debian", "title": "[SECURITY] [DSA 3253-1] pound security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-3555", "CVE-2012-4929", "CVE-2014-3566"], "modified": "2015-05-07T19:39:51", "id": "DEBIAN:DSA-3253-1:0C444", "href": "https://lists.debian.org/debian-security-announce/2015/msg00141.html", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:P"}}, {"lastseen": "2023-05-02T17:09:37", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2627-1 security@debian.org\nhttp://www.debian.org/security/ Thijs Kinkhorst\nFebruary 17, 2013 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : nginx\nVulnerability : information leak\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-4929\nDebian Bug : 700426\n\nJuliano Rizzo and Thai Duong discovered a weakness in the TLS/SSL\nprotocol when using compression. This side channel attack, dubbed\n'CRIME', allows eavesdroppers to gather information to recover the\noriginal plaintext in the protocol. This update to nginx disables\nSSL compression.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 0.7.67-3+squeeze3.\n\nFor the testing distribution (wheezy), and unstable distribution (sid),\nthis problem has been fixed in version 1.1.16-1.\n\nWe recommend that you upgrade your nginx packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2013-02-17T11:14:31", "type": "debian", "title": "[SECURITY] [DSA 2627-1] nginx security update", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2013-02-17T11:14:31", "id": "DEBIAN:DSA-2627-1:E508D", "href": "https://lists.debian.org/debian-security-announce/2013/msg00032.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-02T16:50:39", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-2398-2 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nMarch 31, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : curl\nVulnerability : regression\nDebian-specific: no\nDebian Bug : 658276\n\ncURL is a command-line tool and library for transferring data with URL\nsyntax. It was discovered that the countermeasures against the\nDai/Rogaway chosen-plaintext attack on SSL/TLS (CVE-2011-3389,\n"BEAST") cause interoperability issues with some server\nimplementations. This update ads the the CURLOPT_SSL_OPTIONS and\nCURLSSLOPT_ALLOW_BEAST options to the library, and the\n- --ssl-allow-beast option to the "curl" program.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 7.21.0-2.1+squeeze2.\n\nWe recommend that you upgrade your curl packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {}, "published": "2012-03-31T19:38:57", "type": "debian", "title": "[SECURITY] [DSA 2398-2] curl regression", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2012-03-31T19:38:57", "id": "DEBIAN:DSA-2398-2:1A463", "href": "https://lists.debian.org/debian-security-announce/2012/msg00075.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "rapid7blog": [{"lastseen": "2021-09-01T13:16:34", "description": "\n\nThe pandemic and remote work shattered your perimeter. Your attack surface has changed \u2014 and will keep changing.\n\nIt\u2019s our mission to help customers strengthen security defenses and stay ahead of evil. As the modern perimeter expands, new (and old) vulnerabilities emerge as open doors for attackers; some can be exploited, and that leads to attacks.\n\nThe fact is, most successful attacks are caused by unpatched vulnerabilities, and most can be traced back to human error. So one answer to reducing risk is to patch the vulnerabilities you find with a simple external scan.\n\nRapid7 has been at the forefront of vulnerability risk management for 20 years \u2014 from the days where on-premise [Nexpose](<https://www.rapid7.com/products/nexpose/>) scanners ruled, to our cloud-based [InsightVM](<https://www.rapid7.com/products/insightvm>) solution, to our [Managed Vulnerability Management](<https://www.rapid7.com/services/managed-services/vulnerability-management/>) service.\n\nNow, we\u2019re adding a new capability (and report) to connect proactive and reactive security for our MDR Essentials customers. We call it Attack Surface Visibility.\n\n## Introducing Attack Surface Visibility\n\nOur goal with Attack Surface Visibility \u2014 built exclusively for our MDR Essentials customers \u2014 is to help proactively plug the holes that attackers may exploit and, in turn, reduce the number of low-hanging incidents that could be avoided.\n\nThe Attack Surface Visibility report breaks down risks in your environment based on Rapid7\u2019s granular [Real Risk score](<https://www.rapid7.com/globalassets/_pdfs/product-and-service-briefs/rapid7-solution-brief-quantifying-risk-insightvm.pdf>). It looks at exploitability, malware exposure, and vulnerability age to give customers the actionable data that prioritizes remediation efforts on the places attackers will focus.\n\nAttack Surface Visibility gives MDR Essentials customers the ability to:\n\n * See a monthly snapshot of how your exposed attack surface looks to an opportunistic attacker\n * Gain visibility into the top externally facing vulnerabilities that attackers can easily exploit\n * Stay ahead of risks as your attack surface changes\n * Optimize your team\u2019s efforts with clear, prioritized actions to remediate risks and improve your security posture\n * Reduce the amount of alerts, MDR investigations, and incidents in your environment by being more proactive with your externally facing remediation efforts\n * Collaborate with your Security Advisor to determine prioritization and patching priority\n\nWhile it does not replace the need for a true vulnerability management program, Attack Surface Visibility offers your team a better level of awareness to detect obvious weak points that attackers may exploit. Even customers running programs with [InsightVM](<https://www.rapid7.com/products/insightvm/>) \u2014 our industry-leading vulnerability risk management solution backed by Gartner and Forrester \u2014 are able to see value.\n\n## Attack Surface Visibility in action\n\nThe first time we spun up the scan engine and sent the new report out to a customer, they saw instant value. The scan found almost 20 different remediations needed across their assets scanned, including a few highly concerning risks their MDR Security Advisor prioritized as the first ones to remediate:\n\n * **Remove/disable SMBv1** **\u2014** For those who were in cybersecurity during 2017, I\u2019m sure this is triggering some shell shock from the days of [EternalBlue](<https://www.rapid7.com/blog/post/2017/04/18/the-shadow-brokers-leaked-exploits-faq/>) and [WannaCry](<https://www.rapid7.com/blog/post/2017/05/12/wanna-decryptor-wncry-ransomware-explained/>). Let\u2019s be honest: SMB1 was designed for a world that existed almost 40 years ago and doesn\u2019t belong in 2021. Even [the guy who owns SMB at Microsoft urges everyone to stop using it](<https://techcommunity.microsoft.com/t5/storage-at-microsoft/stop-using-smb1/ba-p/425858>). The fact is, with malware kits available in [Metasploit](<https://www.rapid7.com/db/modules/exploit/windows/smb/ms17_010_eternalblue/>), anyone who knows what they\u2019re doing can launch an attack to exploit it. This one's a big risk, but a quick fix.\n * **Configure SMB signing for Windows** **\u2014** Attackers have it easy when SMB is exposed externally. Most attacks stemming from this arise from attackers leveraging credential stuffing (password reuse) on external-facing assets as their primary method of entry. Since this organization is in the process of implementing 2FA, this was another focus for immediate remediation efforts.\n * **Disable insecure TLS/SSL protocol support** **\u2014** As time marches on, cryptography standards evolve to meet the needs of an ever-more secure internet. However, the long shadow of legacy clients tends to mean that, by default, older and insecure cryptographic protocols remain enabled. These defaults tend to open up an attack surface that is otherwise mitigated by running modern cryptography suites. Specifically, organizations need to be aware of the risks posed by exposing older algorithms to attacks such as [BEAST](<https://www.rapid7.com/db/vulnerabilities/ssl-cve-2011-3389-beast/>), [POODLE](<https://www.rapid7.com/db/vulnerabilities/sslv3-cve-2014-3566-poodle/>), and [Lucky Thirteen](<https://www.rapid7.com/db/vulnerabilities/ssl-cbc-ciphers/>).\n\nIn the customer\u2019s words, this was \u201ceye-opening.\u201d\n\nYou can see what a sample version of the report looks like [here](<https://view.highspot.com/viewer/612e4a6cf31bbd54581a37b4>).\n\n## For our existing MDR Essentials customers\n\nGood news! We will be rolling out your first Attack Surface Visibility reports starting in Q4. Your Customer Advisor will reach out to you soon to capture external IP addresses in order to begin the scanning process.\n\nWe look forward to helping you continue to build more confidence with your security program!\n\n## To our future customers\n\nRapid7 MDR has service offerings available for customers of any size, security maturity, or industry. Whether you\u2019re looking for your first MDR provider or making an upgrade, we have a service that fits your goals.\n\nInterested in learning about Rapid7 MDR? Let\u2019s connect you with an expert.\n\n#### [Schedule time to talk shop](<https://www.rapid7.com/services/request/>)", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 3.4, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 1.4}, "published": "2021-09-01T13:11:33", "type": "rapid7blog", "title": "New Rapid7 MDR Essentials Capability Sees What Attackers See: \u201cIt\u2019s Eye-Opening\u201d", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389", "CVE-2014-3566"], "modified": "2021-09-01T13:11:33", "id": "RAPID7BLOG:7535985DCB1FBEA5FAF46D9453037D10", "href": "https://blog.rapid7.com/2021/09/01/new-rapid7-mdr-capability-sees-what-attackers-see-its-eye-opening/", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "veracode": [{"lastseen": "2023-04-18T15:39:26", "description": "Apache Tomcat is vulnerable to HTTP request smuggling. Incorrect handling of HTTP requests allows a remote attacker to poison the web cache, bypass web application firewall protections or perform XSS attacks. The vulnerability is exploited by submitting crafted values for the `Transfer-Encoding` and `Content-Length` HTTP headers.\n", "cvss3": {}, "published": "2018-11-13T06:55:19", "type": "veracode", "title": "HTTP Request Smuggling", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2019-05-15T06:17:54", "id": "VERACODE:7774", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-7774/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-04-18T14:22:16", "description": "OpenSSL is vulnerable to information leakage. When optional compression is used, TLS/SSL protocol does not obscure the length of the unencrypted data. Using this flaw, an attacker can perform brute force attack to guess encrypted TLS/SSL connection. \n", "cvss3": {}, "published": "2019-01-15T08:58:53", "type": "veracode", "title": "Information Leakage", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2019-05-15T06:18:00", "id": "VERACODE:11232", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11232/summary", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-18T14:06:04", "description": "java is vulnerable to man-in-the-middle (MitM). The vulnerability exists through a blockwise chosen-boundary attack (BCBA) on a HTTPS session.\n", "cvss3": {}, "published": "2019-05-02T04:55:58", "type": "veracode", "title": "Man-in-the-Middle (MitM)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2022-11-29T18:07:17", "id": "VERACODE:14770", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-14770/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-04-18T16:31:34", "description": "github.com/openshift/origin is vulnerable to blockwise chosen-boundary attacks (aka) the \"BEAST\" attack. It encrypts data by using CBC mode with chained initialization vectors which allows attackers to obtain plaintext HTTP headers through blockwise chosen-boundary attacks on HTTPS sessions. This artifact is related to CVE-2011-3389.\n", "cvss3": {}, "published": "2017-04-27T06:38:37", "type": "veracode", "title": "Blockwise Chosen-boundary Attacks", "bulletinFamily": "software", "cvss2": {}, "cvelist": ["CVE-2011-3389"], "modified": "2018-08-01T04:01:15", "id": "VERACODE:3983", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3983/summary", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-04-18T13:45:52", "description": "Apache Tomcat Coyote before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, doesn't handle inconsistent HTTP request headers well when an HTTP or AJP connector is used. This allows remote attackers to incorrectly identify the requests length and conduct request-smuggling attacks through multiple Content-Length headers or a Content-Length header and a \"Transfer-Encoding: chunked\" header. NOTE: This vulnerability exists because of an incomplete fix for CVE-2005-2090.\n", "cvss3": {}, "published": "2019-01-15T08:59:20", "type": "veracode", "title": "Request-smuggling Attacks", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090", "CVE-2013-4286"], "modified": "2019-05-15T06:18:04", "id": "VERACODE:11259", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-11259/summary", "cvss": {"score": 5.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-04-18T16:30:36", "description": "OpenSSL is vulnerable to information disclosure. This is possible because the SSL protocol 3.0 uses a nondeterministic CBC padding allowing attackers to perform man-in-the-middle (MitM) attacks. This is also known as the POODLE issue.\n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2017-02-07T00:05:45", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2023-02-13T01:51:51", "id": "VERACODE:3467", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-3467/summary", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "f5": [{"lastseen": "2016-09-26T17:23:19", "description": "Recommended Action\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in SOL4602: Overview of the F5 security vulnerability response policy.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x)\n", "cvss3": {}, "published": "2015-07-02T00:00:00", "type": "f5", "title": "SOL16828 - Apache Tomcat vulnerability CVE-2005-2090", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2015-07-02T00:00:00", "id": "SOL16828", "href": "http://support.f5.com/kb/en-us/solutions/public/16000/800/sol16828.html", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-10-12T02:11:16", "description": " \n\n\nJakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling\". ([CVE-2005-2090](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2090>)) \n\n\nImpact \n\n\nThere is no impact; F5 products are not affected by this vulnerability.\n\nIf the previous table lists a version in the **Versions known to be not vulnerable** column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version in the column, then no upgrade candidate currently exists.\n\nF5 responds to vulnerabilities in accordance with the Severity values published in the previous table. The Severity values and other security vulnerability parameters are defined in [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x)](<https://support.f5.com/csp/article/K13123>)\n", "cvss3": {}, "published": "2015-07-02T21:34:00", "type": "f5", "title": "Apache Tomcat vulnerability CVE-2005-2090", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2016-01-09T02:23:00", "id": "F5:K16828", "href": "https://support.f5.com/csp/article/K16828", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2021-06-08T18:45:07", "description": "Vulnerability Recommended Actions\n\nTo eliminate this vulnerability, perform one of the following actions:\n\n * Upgrade to a software version that is listed in the **Versions known to be Not Vulnerable** column of the table.\n * Upgrade your client browser to a non-vulnerable version.\n\nSupplemental Information\n\n * SOL14059: CRIME vulnerability via the SPDY protocol CVE-2012-4929\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * The following link will take you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge: \n \n[Common Vulnerabilities and Exposures (CVE-2012-4929)](<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4929>) \n \n\n", "cvss3": {}, "published": "2012-12-05T00:00:00", "type": "f5", "title": "SOL14054 - CRIME vulnerability via TLS 1.2 protocol CVE-2012-4929", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2016-07-25T00:00:00", "id": "SOL14054", "href": "http://support.f5.com/kb/en-us/solutions/public/14000/000/sol14054.html", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2023-08-13T15:57:15", "description": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data. This allows man-in-the-middle attackers to obtain plain text HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, also referred to as a CRIME attack. ([CVE-2012-4929](<https://vulners.com/cve/CVE-2012-4929>))\n\nImpact\n\nConnections to the BIG-IP Configuration utility are at risk.\n\n**Note:** BIG-IP SSL profiles are not affected.\n", "cvss3": {}, "published": "2012-12-05T21:46:00", "type": "f5", "title": "CRIME vulnerability via TLS 1.2 protocol CVE-2012-4929", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2018-02-09T22:26:00", "id": "F5:K14054", "href": "https://support.f5.com/csp/article/K14054", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "github": [{"lastseen": "2023-09-24T04:47:39", "description": "Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"", "cvss3": {}, "published": "2022-05-01T02:04:54", "type": "github", "title": "Tomcat Vulnerable to Web Cache Poisoning", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2023-09-18T23:42:54", "id": "GHSA-F2GQ-P6QV-CCW4", "href": "https://github.com/advisories/GHSA-f2gq-p6qv-ccw4", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "cve": [{"lastseen": "2023-09-26T12:02:25", "description": "Jakarta Tomcat 5.0.19 (Coyote/1.1) and Tomcat 4.1.24 (Coyote/1.0) allows remote attackers to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a \"Transfer-Encoding: chunked\" header and a Content-Length header, which causes Tomcat to incorrectly handle and forward the body of the request in a way that causes the receiving server to process it as a separate HTTP request, aka \"HTTP Request Smuggling.\"", "cvss3": {}, "published": "2005-07-05T04:00:00", "type": "cve", "title": "CVE-2005-2090", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2019-04-15T16:29:00", "cpe": ["cpe:/a:apache:tomcat:4.1.24", "cpe:/a:apache:tomcat:5.0.19"], "id": "CVE-2005-2090", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2005-2090", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:apache:tomcat:4.1.24:*:*:*:*:*:*:*", "cpe:2.3:a:apache:tomcat:5.0.19:*:*:*:*:*:*:*"]}, {"lastseen": "2023-08-13T05:40:39", "description": "The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome, Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack.", "cvss3": {}, "published": "2012-09-15T18:55:00", "type": "cve", "title": "CVE-2012-4929", "cwe": ["CWE-310"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2018-04-22T01:29:00", "cpe": ["cpe:/o:debian:debian_linux:8.0", "cpe:/o:debian:debian_linux:7.0", "cpe:/a:mozilla:firefox:*", "cpe:/a:google:chrome:*"], "id": "CVE-2012-4929", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4929", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:*:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*"]}, {"lastseen": "2023-06-06T14:48:19", "description": "The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a \"BEAST\" attack.", "cvss3": {}, "published": "2011-09-06T19:55:00", "type": "cve", "title": "CVE-2011-3389", "cwe": ["CWE-326"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2022-11-29T15:56:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:redhat:enterprise_linux_server_aus:6.2", "cpe:/o:redhat:enterprise_linux_server:5.0", "cpe:/o:canonical:ubuntu_linux:10.04", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/a:opera:opera_browser:-", "cpe:/o:redhat:enterprise_linux_workstation:5.0", "cpe:/o:debian:debian_linux:6.0", "cpe:/a:mozilla:firefox:-", "cpe:/a:google:chrome:-", "cpe:/o:redhat:enterprise_linux_workstation:6.0", "cpe:/a:haxx:curl:7.23.1", "cpe:/a:microsoft:internet_explorer:-", "cpe:/o:redhat:enterprise_linux_server:6.0", "cpe:/o:redhat:enterprise_linux_desktop:6.0", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:microsoft:windows:-", "cpe:/o:redhat:enterprise_linux_desktop:5.0", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:redhat:enterprise_linux_eus:6.2"], "id": "CVE-2011-3389", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3389", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}, "cpe23": ["cpe:2.3:o:redhat:enterprise_linux_eus:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:haxx:curl:7.23.1:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "cpe:2.3:a:google:chrome:-:*:*:*:*:*:*:*", "cpe:2.3:a:mozilla:firefox:-:*:*:*:*:*:*:*", "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:microsoft:internet_explorer:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:11.10:*:*:*:*:*:*:*"]}], "cert": [{"lastseen": "2023-05-31T14:42:52", "description": "### Overview\n\nSome HTTP handling devices are vulnerable to a flaw which may allow a specially crafted request to elicit multiple responses, some of which may be controlled by the attacker. These attacks may result in cache poisoning, information leakage, cross-site scripting, and other outcomes.\n\n### Description\n\nA flaw in handling HTTP requests that contain the \"HTTP Request Smuggling\" class of attacksHTTP Request Smuggling attacks involve injecting HTTP request(s) within other HTTP requests. Devices that handle HTTP data, such as web caches and proxy servers, may contribute to a class of attacks known as \"HTTP Request Smuggling\" attacks. HTTP Request Smuggling attacks occur when specially-crafted HTTP requests are inconsistently processed by multiple interconnected devices. In this manner the secondary request(s) may be \"smuggled\" through other devices without detection.\n\nAs a simple example, including multiple `Content-Length` headers into a single request may result in interconnected devices handling the request in a different manner. Given two `Content-Length` headers, partial request data may be processed on one device where another subsequent device (using the longer `Content-Length` header) may read more request data. This in turn changes the nature of the request and may result in cache poisoning or request hijacking. \n \nHTTP Request Smuggling is outlined in depth in the [Watchfire \"HTTP Request Smuggling\" whitepaper](<http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf>). \n \n--- \n \n### Impact\n\nMultiple scenarios are possible depending on the devices in use and the strategies that are utilized by the attacker. These attacks may involve cache poisoning, request hijacking, protection bypass, and cross-site scripting. \n \n--- \n \n### Solution\n\n**Apply an update** \n \nContact your vendor for information on updates, patches, and workarounds. \n \n--- \n \n### Vendor Information\n\n625878\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Microsoft Corporation __ Affected\n\nUpdated: June 14, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n[Microsoft Security Bulletin MS05-034](<http://www.microsoft.com/technet/security/bulletin/MS05-034.mspx>) contains details on ISA Server 2000 updates, patches, and workarounds for this issue.\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23625878 Feedback>).\n\n### Squid __ Affected\n\nUpdated: June 14, 2005 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\nMore details are available in the [Squid Proxy Cache Security Update Advisory SQUID-2005:4](<http://www.squid-cache.org/Advisories/SQUID-2005_4.txt>).\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23625878 Feedback>).\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References\n\n * <http://www.watchfire.com/resources/HTTP-Request-Smuggling.pdf>\n * <http://www.squid-cache.org/Advisories/SQUID-2005_4.txt>\n * <http://www.microsoft.com/technet/security/bulletin/MS05-034.mspx>\n * <http://docs.info.apple.com/article.html?artnum=306172>\n\n### Acknowledgements\n\nThanks to Watchfire for providing information on this flaw.\n\nThis document was written by Ken MacInnis based primarily on information provided by Watchfire\n\n### Other Information\n\n**CVE IDs:** | [CVE-2005-2090](<http://web.nvd.nist.gov/vuln/detail/CVE-2005-2090>) \n---|--- \n**Severity Metric:** | 7.50 \n**Date Public:** | 2005-01-31 \n**Date First Published:** | 2005-02-04 \n**Date Last Updated: ** | 2007-08-08 18:12 UTC \n**Document Revision: ** | 61 \n", "cvss3": {}, "published": "2005-02-04T00:00:00", "type": "cert", "title": "Single crafted HTTP request may result in multiple responses", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2007-08-08T18:12:00", "id": "VU:625878", "href": "https://www.kb.cert.org/vuls/id/625878", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-05-31T14:40:45", "description": "### Overview\n\nA vulnerability in the specification of the SSL 3.0 and TLS 1.0 protocols could allow an attacker to decrypt encrypted traffic.\n\n### Description\n\nThe Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols are commonly used to provide authentication, encryption, integrity, and non-repudiation services to network application protocols such as HTTP, IMAP, POP3, LDAP, SMTP, and others. Several different versions of the SSL and TLS protocols have been standardized and are in widespread use. These protocols support the use of both block-based and stream-based ciphers.\n\nA vulnerability in the way the SSL 3.0 and TLS 1.0 protocols select the initialization vector (IV) when operating in cipher-block chaining (CBC) modes allows an attacker to perform a chosen-plaintext attack on encrypted traffic. This vulnerability has been addressed in the specification for the TLS 1.1 and TLS 1.2 protocols. \n \nWhile this vulnerability exists in the underlying specification of the affected protocols, a practical attack called BEAST has been demonstrated in the context of a web browser and the use of the HTTPS protocol. Because of the software functionality available to an attacker in this environment, it represents the most likely attack vector and the most significant risk for affected users. An effective BEAST attack appears to require a cross-domain vulnerability that allows the attacker to issue specially crafted HTTPS requests. A blog post by Th\u00e1i Duong discusses \"...a way to bypass the same-origin policy (SOP)...\" using a Java applet. \n \n--- \n \n### Impact\n\nAn attacker with the ability to pose as a man-in-the-middle and to generate specially-crafted plaintext input could decrypt the contents of an SSL- or TLS-encrypted session. This could allow the attacker to recover potentially sensitive information (e.g., HTTP authentication cookies). \n \n--- \n \n### Solution\n\nWe are currently unaware of a practical solution to this problem. \n \n--- \n \n**Workarounds** \n \nSome vendors have published specific mitigation advice for the attacks related to this issues. Please see the Vendor Information section of this document for more information. \n \nThe following general workarounds can be effective in mitigating this issue: \n\n\n * Prioritize the use of the RC4 algorithm over block ciphers in server software\nNote that this workaround is not feasible to implement on systems that require [FIPS-140](<http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf>) compliance since RC4 is not a FIPS-approved cryptographic algorithm.\n\n * Enable support for TLS 1.1 and/or TLS 1.2 in the web browser\n * Enable support for TLS 1.1 in server software\nNote that both the web servers and the client web browser must support TLS 1.1 or TLS 1.2 for these workarounds to be effective. The session will fallback to an earlier version of the TLS or SSL protocol in the event that either is incompatible with TLS 1.1 or TLS 1.2. \n--- \n \n### Vendor Information\n\n864643\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Google Affected\n\nUpdated: September 27, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * [http://src.chromium.org/viewvc/chrome?view=rev&revision=97269](<http://src.chromium.org/viewvc/chrome?view=rev&revision=97269>)\n\n### Microsoft Corporation Affected\n\nUpdated: September 27, 2011 \n\n**Statement Date: September 26, 2011**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://technet.microsoft.com/en-us/security/advisory/2588513>\n * <http://support.microsoft.com/kb/2588513>\n\n### Mozilla Affected\n\nUpdated: September 28, 2011 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=665814>\n * <http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/>\n\n### Opera Affected\n\nUpdated: December 08, 2011 \n\n**Statement Date: December 06, 2011**\n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.opera.com/docs/changelogs/windows/1160/>\n * <http://www.opera.com/docs/changelogs/mac/1160/>\n * <http://www.opera.com/docs/changelogs/unix/1160/>\n\n### Apple Inc. Unknown\n\nUpdated: September 27, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### GnuTLS Unknown\n\nUpdated: September 27, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### OpenSSL Unknown\n\nUpdated: September 27, 2011 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 0 | AV:--/AC:--/Au:--/C:--/I:--/A:-- \nTemporal | 0 | E:ND/RL:ND/RC:ND \nEnvironmental | 0 | CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <http://www.openssl.org/~bodo/tls-cbc.txt>\n * <http://www.imperialviolet.org/2011/09/23/chromeandbeast.html>\n * <http://www.phonefactor.com/blog/slaying-beast-mitigating-the-latest-ssltls-vulnerability.php>\n * <http://vnhacker.blogspot.com/2011/09/beast.html>\n * <https://blog.torproject.org/blog/tor-and-beast-ssl-attack>\n * <http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx>\n * <http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx>\n * [http://src.chromium.org/viewvc/chrome?view=rev&revision=97269](<http://src.chromium.org/viewvc/chrome?view=rev&revision=97269>)\n * <https://bugzilla.mozilla.org/show_bug.cgi?id=665814>\n * <http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html>\n * <http://www.ekoparty.org/2011/juliano-rizzo.php>\n\n### Acknowledgements\n\nThanks to Th\u00e1i Duong working with Matasano and Juliano Rizzo of Netifera for reporting the practical attack against this vulnerability. Wei Dai and Bodo M\u00f6ller identified the underlying flaw in the context of SSL and TLS.\n\nThis document was written by Chad R Dougherty.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2011-3389](<http://web.nvd.nist.gov/vuln/detail/CVE-2011-3389>) \n---|--- \n**Severity Metric:** | 3.38 \n**Date Public:** | 2002-02-08 \n**Date First Published:** | 2011-09-27 \n**Date Last Updated: ** | 2011-12-08 14:43 UTC \n**Document Revision: ** | 37 \n", "cvss3": {}, "published": "2011-09-27T00:00:00", "type": "cert", "title": "SSL 3.0 and TLS 1.0 allow chosen plaintext attack in CBC modes", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2011-12-08T14:43:00", "id": "VU:864643", "href": "https://www.kb.cert.org/vuls/id/864643", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-05-31T11:13:11", "description": "### Overview\n\nMany modern TLS clients can fall back to version 3.0 of the SSL protocol, which is vulnerable to a padding-oracle attack when Cypher-block chaining (CBC) mode is used. This is commonly referred to as the \"POODLE\" (Padding Oracle On Downgraded Legacy Encryption) attack.\n\n### Description\n\n[**CWE-327**](<http://cwe.mitre.org/data/definitions/327.html>)**: Use of a Broken or Risky Cryptographic Algorithm** \\- CVE-2014-3566\n\nMultiple implementations of SSL 3.0, including the implementation in OpenSSL up to version 1.0.1i, support the use of CBC mode. However, SSL 3.0 is vulnerable to a padding-oracle attack when CBC mode is used. A successful padding-oracle attack can provide an attacker with cleartext information from the encrypted communications. \n \nAdditionally, many modern TLS clients still support the ability to fall back to the SSL 3.0 protocol in order to communicate with legacy servers. A man-in-the-middle attacker may be able to force the protocol version negotiation sequence to downgrade to SSL 3.0, thereby opening up the opportunity to exploit the padding-oracle attack. \n \nFor more information, please refer to the original [security advisory](<https://www.openssl.org/~bodo/ssl-poodle.pdf>)[](<https://www.openssl.org/~bodo/ssl-poodle.pdf>). \n \n--- \n \n### Impact\n\nAn adjacent, unauthenticated attacker may be able to derive cleartext information from communications that utilize the SSL 3.0 protocol with CBC mode. \n \n--- \n \n### Solution\n\nOpenSSL [has fixed](<https://www.openssl.org/news/secadv_20141015.txt>) the issue in OpenSSL versions 1.0.1j, 1.0.0o, and 0.9.8zc. For other implementations of the protocol, please check with the appropriate maintainer or vendor to determine if the implementation is affected by this issue. Additionally, consider the following workaround: \n \n--- \n \n**Use TLS_FALLBACK_SCSV** \n \nIf disabling SSL 3.0 is not possible, TLS client and server implementations should make use of the [TLS_FALLBACK_SCSV](<https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00>) cipher suite value to prevent man-in-the-middle attackers from forcing unnecessary protocol downgrades. \n \n--- \n \n### Vendor Information\n\n577193\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Apple Inc. Affected\n\nUpdated: October 17, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.apple.com/kb/HT6531>\n\n### Aruba Networks, Inc. __ Affected\n\nNotified: October 17, 2014 Updated: October 20, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nAruba has published an [advisory](<http://www.arubanetworks.com/support/alerts/aid-10142014.txt>). Users should refer to the [advisory](<http://www.arubanetworks.com/support/alerts/aid-10142014.txt>) for up-to-date information.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://www.arubanetworks.com/support/alerts/aid-10142014.txt>\n\n### Attachmate __ Affected\n\nNotified: October 17, 2014 Updated: October 27, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nAttachmate has released an [advisory](<http://support.attachmate.com/techdocs/2750.html>).\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://support.attachmate.com/techdocs/2750.html>\n\n### Microsoft Corporation __ Affected\n\nNotified: October 17, 2014 Updated: January 21, 2015 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n<https://technet.microsoft.com/en-us/library/security/3009008.aspx>\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Mozilla Affected\n\nUpdated: October 17, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/>\n\n### NEC Corporation __ Affected\n\nUpdated: October 28, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\n\"We provide information on this issue at the following URL:\n\n<http://jpn.nec.com/security-info/av14-004.html>\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <http://jpn.nec.com/security-info/av14-004.html>\n\n### Novell, Inc. __ Affected\n\nUpdated: October 27, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nNovell has released an [advisory](<https://www.novell.com/support/kb/doc.php?id=7015777>).\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.novell.com/support/kb/doc.php?id=7015777>\n\n### OpenSSL Affected\n\nUpdated: October 17, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### SUSE Linux __ Affected\n\nUpdated: October 27, 2014 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nSUSE has released an [advisory](<https://www.suse.com/support/kb/doc.php?id=7015773>).\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.suse.com/support/kb/doc.php?id=7015773>\n\n### Legion of the Bouncy Castle __ Not Affected\n\nNotified: October 17, 2014 Updated: October 20, 2014 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"Bouncy Castle Java APIs version 1.46, or later, offer the ability to access SSL v3 by overriding methods in order to allow support for it. By default SSL v3 support is turned off.\n\nIt is possible to see if a developer has created the necessary overrides by looking for overrides of the methods AbstractTlsClient.getMinimumVersion () or TlsClient.notifyServerVersion () in client code, and by looking for overrides of AbstractTlsServer.getMinimumVersion () or TlsServer.getServerVersion () in server code. \n \nBouncy Castle C# APIs version 1.8 (still in beta), also contains a TLS API, which follows the same profile as the Bouncy Castle Java APIs in respect to SSL v3. Support for \u201cTLS Fallback Signaling Cipher Suite Value (SCSV) for Preventing Protocol Downgrade Attacks\u201d, currently described at \n \n<https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00> \n \nhas been added to both the Java and C# APIs to allow developers to prevent SSL v3 as anything but a worst case. We are planning to continue tracking the fallback document as it evolves and will include the results in the next releases of the Java and C# APIs (1.52 and 1.8 respectively) \n \nFor further enquiries in relation to this please contact us at [office@bouncycastle.org](<mailto:office@bouncycastle.org>).\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Vendor References\n\n * <https://www.bouncycastle.org/>\n\n### PeerSec Networks __ Not Affected\n\nNotified: October 17, 2014 Updated: October 20, 2014 \n\n### Status\n\nNot Affected\n\n### Vendor Statement\n\n\"MatrixSSL version support is configured with compile-time define, and we have disabled SSL3.0 by default since MatrixSSL 3.3.1 on July 16, 2012.\n\nAnyone using MatrixSSL over the past 2 years would have had to manually enable SSL 3.0. Also, we do TLS style padding for SSL3.0 since the beginning for record encoding, however we can\u00b9t enforce it on decoding, so that was of limited use unless communicating with our own library\"\n\n### Vendor Information \n\nWe are not aware of further vendor information regarding this vulnerability.\n\n### Apache HTTP Server Project Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Apache-SSL Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Botan Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Certicom Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Cryptlib Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Crypto++ Library Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### EMC Corporation Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### F5 Networks, Inc. Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### GnuTLS Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### IAIK Java Group Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Mirapoint, Inc. Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Mozilla - Network Security Services Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### National Center for Supercomputing Applications Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Netscape NSS Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Nettle Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Nokia Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### SafeNet Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Spyrus Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### Stunnel Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### libgcrypt Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### mod_ssl Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\n### wolfSSL Unknown\n\nNotified: October 17, 2014 Updated: October 17, 2014 \n\n### Status\n\nUnknown\n\n### Vendor Statement\n\nWe have not received a statement from the vendor.\n\n### Vendor References\n\nView all 33 vendors __View less vendors __\n\n \n\n\n### CVSS Metrics\n\nGroup | Score | Vector \n---|---|--- \nBase | 4.3 | AV:N/AC:M/Au:N/C:P/I:N/A:N \nTemporal | 3.6 | E:F/RL:OF/RC:C \nEnvironmental | 3.6 | CDP:ND/TD:H/CR:ND/IR:ND/AR:ND \n \n \n\n\n### References\n\n * <https://www.openssl.org/~bodo/ssl-poodle.pdf>\n * <https://www.openssl.org/news/secadv_20141015.txt>\n * <https://tools.ietf.org/html/draft-ietf-tls-downgrade-scsv-00>\n * <https://www.us-cert.gov/ncas/alerts/TA14-290A>\n\n### Acknowledgements\n\nThis document was written by Todd Lewellen.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2014-3566](<http://web.nvd.nist.gov/vuln/detail/CVE-2014-3566>) \n---|--- \n**Date Public:** | 2014-10-14 \n**Date First Published:** | 2014-10-17 \n**Date Last Updated: ** | 2015-01-21 19:34 UTC \n**Document Revision: ** | 29 \n", "cvss3": {"exploitabilityScore": 1.6, "cvssV3": {"baseSeverity": "LOW", "confidentialityImpact": "LOW", "attackComplexity": "HIGH", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 3.4, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:N/A:N", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 1.4}, "published": "2014-10-17T00:00:00", "type": "cert", "title": "POODLE vulnerability in SSL 3.0", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2014-3566"], "modified": "2015-01-21T19:34:00", "id": "VU:577193", "href": "https://www.kb.cert.org/vuls/id/577193", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}], "tomcat": [{"lastseen": "2023-08-03T13:58:42", "description": "**Important: Information disclosure** [CVE-2005-2090](<https://vulners.com/cve/CVE-2005-2090>)\n\nRequests with multiple content-length headers should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which content-length header to use an attacker can poison a web-cache, perform an XSS attack and obtain sensitive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. \n\nAffects: 5.0.0-5.0.30, 5.5.0-5.5.22", "cvss3": {}, "published": "2007-03-09T00:00:00", "type": "tomcat", "title": "Fixed in Apache Tomcat 5.5.23, 5.0.SVN", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090"], "modified": "2007-03-09T00:00:00", "id": "TOMCAT:67CE68B320511BF54B324191638E118A", "href": "https://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.23,_5.0.SVN", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-08-05T13:58:29", "description": "**Moderate: Cross-site scripting** [CVE-2007-1355](<https://vulners.com/cve/CVE-2007-1355>)\n\nThe JSP and Servlet included in the sample application within the Tomcat documentation webapp did not escape user provided data before including it in the output. This enabled a XSS attack. These pages have been simplified not to use any user provided data in the output.\n\nAffects: 6.0.0-6.0.10\n\n**Important: Information disclosure** [CVE-2005-2090](<https://vulners.com/cve/CVE-2005-2090>)\n\nRequests with multiple content-length headers should be rejected as invalid. When multiple components (firewalls, caches, proxies and Tomcat) process a sequence of requests where one or more requests contain multiple content-length headers and several components do not reject the request and make different decisions as to which content-length header to use an attacker can poison a web-cache, perform an XSS attack and obtain sensitive information from requests other then their own. Tomcat now returns 400 for requests with multiple content-length headers. \n\nAffects: 6.0.0-6.0.10", "cvss3": {}, "published": "2005-06-30T00:00:00", "type": "tomcat", "title": "Fixed in Apache Tomcat 6.0.11", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2005-2090", "CVE-2007-1355"], "modified": "2005-06-30T00:00:00", "id": "TOMCAT:E676AE46560F7CF2AF55891ED52C5F15", "href": "https://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.11", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}], "ubuntu": [{"lastseen": "2023-09-01T06:03:10", "description": "## Releases\n\n * Ubuntu 13.04 \n * Ubuntu 12.10 \n * Ubuntu 12.04 \n * Ubuntu 10.04 \n\n## Packages\n\n * openssl \\- Secure Socket Layer (SSL) cryptographic library and tools\n\nThe TLS protocol 1.2 and earlier can encrypt compressed data without \nproperly obfuscating the length of the unencrypted data, which allows \nmachine-in-the-middle attackers to obtain plaintext content by observing \nlength differences during a series of guesses in which a provided string \npotentially matches an unknown string in encrypted and compressed traffic. \nThis is known as a CRIME attack in HTTP. Other protocols layered on top of \nTLS may also make these attacks practical.\n\nThis update disables compression for all programs using SSL and TLS \nprovided by the OpenSSL library. To re-enable compression for programs \nthat need compression to communicate with legacy services, define the \nvariable OPENSSL_DEFAULT_ZLIB in the program's environment.\n", "cvss3": {}, "published": "2013-07-04T00:00:00", "type": "ubuntu", "title": "OpenSSL vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2013-07-04T00:00:00", "id": "USN-1898-1", "href": "https://ubuntu.com/security/notices/USN-1898-1", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-09-01T07:07:26", "description": "## Releases\n\n * Ubuntu 12.04 \n * Ubuntu 11.10 \n * Ubuntu 10.04 \n\n## Packages\n\n * qt4-x11 \\- Qt 4 libraries\n\nJuliano Rizzo and Thai Duong discovered a flaw in the Transport Layer \nSecurity (TLS) protocol when it is used with data compression. If an \nattacker were able to perform a machine-in-the-middle attack, this flaw \ncould be exploited to view sensitive information. This update disables \nTLS data compression in Qt by default.\n", "cvss3": {}, "published": "2012-11-08T00:00:00", "type": "ubuntu", "title": "Qt vulnerability", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2012-11-08T00:00:00", "id": "USN-1628-1", "href": "https://ubuntu.com/security/notices/USN-1628-1", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "threatpost": [{"lastseen": "2018-10-06T23:00:41", "description": "Apple has updated both OS X and its Safari browser, fixing a pile of security vulnerabilities, many of which can be used for remote code execution. The release of OS X Mountain Lion 10.8.4 includes patches for more than 30 bugs, most notably a set of fixes for vulnerabilities in Ruby, some of which are being exploited at this point.\n\nThis is a major security fix for OS X and in addition to the large set of patches for Ruby, there also is a long list of fixes for vulnerabilities in OpenSSL. One of the vulnerabilities fixed in OpenSSL is CVE-2012-4929, the bug that covers the compression attack on TLS 1.0 developed by security researchers Thai Duong and Juliano Rizzo. Known as the [CRIME attack](<https://threatpost.com/crime-attack-uses-compression-ratio-tls-requests-side-channel-hijack-secure-sessions-091312/>), the technique enables an attacker to decrypt SSL-protected sessions under some circumstances.\n\nApple also fixed 12 other vulnerabilities in OpenSSL by updating it to the most recent version, 0.9.8x.\n\n[Apple OS X 10.8.4](<http://support.apple.com/kb/HT5784>) also fixes a number of vulnerabilities in Ruby that caused weaknesses in applications built on Ruby on Rails.\n\n\u201cMultiple vulnerabilities existed in Ruby on Rails, the most serious of which may lead to arbitrary code execution on systems running Ruby on Rails applications. These issues were addressed by updating Ruby on Rails to version 2.3.18. This issue may affect OS X Lion or OS X Mountain Lion systems that were upgraded from Mac OS X 10.6.8 or earlier. Users can update affected gems on such systems by using the /usr/bin/gem utility,\u201d Apple said in its advisory.\n\nThe patch also includes fixes for several vulnerabilities in QuickTime as well as in other components of the operating system.\n\nAs far as Safari is concerned, the release of [Safari 6.0.5](<http://support.apple.com/kb/HT5785>) is essentially a massive fix for WebKit. The new version of the browser contains more than 25 patches for WebKit vulnerabilities.\n\n_Image from Flickr photostream of [Codexian](<https://secure.flickr.com/photos/10995346@N03/>). _\n", "cvss3": {}, "published": "2013-06-05T09:51:54", "type": "threatpost", "title": "Apple Patches Mass of Security Bugs in OS X and Safari", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2012-4929"], "modified": "2013-06-06T16:34:26", "id": "THREATPOST:ADCFAD1BAEEB329FD319FED1F0A4A6E2", "href": "https://threatpost.com/apple-patches-mass-of-security-bugs-in-os-x-and-safari/100881/", "cvss": {"score": 2.6, "vector": "AV:NETWORK/AC:HIGH/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "jvn": [{"lastseen": "2023-08-13T10:46:07", "description": "The TLS protocol contains a function that compresses data for communications between the client and server. This function does not properly obfuscate the length of the unencrypted data. When this function is enabled on both the client and server, it results in a vulnerability where plaintext HTTP headers may be obtained. The TLS implementation in Android OS is affected by this vulnerability. \nExploiting this vulnerability to obtain plaintext HTTP headers is referred to as the CRIME attack.\n\n ## Impact\n\nA man-in-the-middle attacker performing the CRIME attack may obtain plaintext HTTP headers.\n\n ## Solution\n\n**Apply an update** \nApply the update according to the information provided by the provider or developer.\n\n ## Products Affected\n\n * Android OS versions 4.1.2 and earlier\n", "cvss3": {}, "published": "2016-07-22T00:00:00", "type": "jvn", "title": "JVN#65273415: Android OS issue where it is affected by the CRIME attack", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2016-07-26T00:00:00", "id": "JVN:65273415", "href": "http://jvn.jp/en/jp/JVN65273415/index.html", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}], "ibm": [{"lastseen": "2023-02-24T05:43:48", "description": "## Summary\n\nThe following vulnerability in OpenSSL has been addressed by IBM Integrated Management Module II (IMM2). \n\n## Vulnerability Details\n\n** CVEID: **[CVE-2012-4929](<https://vulners.com/cve/CVE-2012-4929>) \n** DESCRIPTION: **The TLS protocol 1.2 and earlier, as used in Mozilla Firefox, Google Chrome,Qt, and other products, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, aka a \"CRIME\" attack. \nCVSS Base score: 2.6 \nCVSS Temporal Score: See: [ https://exchange.xforce.ibmcloud.com/vulnerabilities/78807](<https://exchange.xforce.ibmcloud.com/vulnerabilities/78807>) for the current score. \nCVSS Vector: (AV:N/AC:H/Au:N/C:P/I:N/A:N)\n\n## Affected Products and Versions\n\nProduct(s)| Version(s) \n---|--- \nIBM Integrated Management Module II (IMM2) for System x and Flex| 1AOO \nIBM Integrated Management Module II (IMM2) for BladeCenter| 1AOO \n \n\n\n## Remediation/Fixes\n\nFirmware fix versions are available on Fix Central: <http://www.ibm.com/support/fixcentral/>\n\nProduct(s)| Fixed Version(s) \n---|--- \n \nIBM Integrated Management Module II (IMM2) for System x and Flex\n\n(ibm_fw_imm2_1aoo92a-7.60_anyos_noarch)\n\n| 1AOO92A-7.60 \n \nIBM Integrated Management Module II (IMM2) for BladeCenter\n\n(ibm_fw_imm2_1aoo92a-7.60-bc_anyos_noarch)\n\n| 1AOO92A-7.60-bc \n \n## Workarounds and Mitigations\n\nNone\n\n## ", "cvss3": {}, "published": "2020-03-03T19:02:20", "type": "ibm", "title": "Security Bulletin: IBM Integrated Management Module II (IMM2) is affected by vulnerability in OpenSSL (CVE-2012-4929)", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 4.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.6, "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4929"], "modified": "2020-03-03T19:02:20", "id": "D068B15799D1804F42BCE1F6A0BBF496A897D036E86A4CA868C5D85AFED280DD", "href": "https://www.ibm.com/support/pages/node/5691590", "cvss": {"score": 2.6, "vector": "AV:N/AC:H/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-06-06T17:37:01", "description": "## Summary\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. Customers can avoid the vulnerability byfollowing workarounds recommended by IBM.\n\n## Vulnerability Details\n\n## Abstract\n\nEarlier versions of the Transport Layer Security (TLS) protocol are affected by a publicly disclosed vulnerability that could allow information disclosure if an attacker is carrying out a man-in-the-middle attack. \nCustomers can avoid the vulnerability by following workarounds recommended by IBM. \n\n\n## Content\n\n**VULNERABILITY DETAILS:** \n\n\n**CVE ID:** CVE-2011-3389 \n\n**DESCRIPTION:**\n\nA potential vulnerability has been identified in older versions of the Transport Layer Security (TLS, formerly known as Secure Socket Layer or SSL) protocol that may be utilized by the Browser-Based Interface (BBI) feature in IBM Networking Operating System (NOS) (formerly known as BLADE Operating System). NOS runs on IBM System Networking Ethernet switches (as well as legacy Blade Network Technology (BNT) Ethernet switches). Because BBI is the only feature in NOS to use the TLS protocol as of the date of this bulletin, Customers who do not run BBI on their IBM Ethernet switches are not impacted by this vulnerability. It is possible that future NOS features could use TLS protocols; there are instructions on how to avoid the vulnerability in such situations in the \u201cWorkaround\u201d section below.\n\nThis attack against the TLS protocol is also known as BEAST, and it exploits the use of chained initialization vectors in early versions of the protocol. A remote attacker could exploit this vulnerability using man-in-the-middle techniques to decrypt TLS sessions and obtain sensitive information such as user authentication cookies that could be further leveraged to obtain sensitive information such as account credentials. The attack does not require local network access or physical access to the network and is therefore remotely exploitable, but specialized knowledge and techniques are required to execute this attack. A successful exploit will not impact integrity or availability of transmitted data, but the confidentiality of network traffic may be affected, although the attacker would not be able to control what data are accessed.\n\nSSLv3 and TLS 1.0 are the older versions of this protocol that are susceptible to this vulnerability; newer versions of TLS \u2013 1.1 and 1.2 \u2013 are not. IBM NOS has supported TLS 1.1 and 1.2 since NOS version 6.7, but even these recent versions of NOS continue to support SSLv3 and TLS 1.0 as well. Therefore, even recent versions of NOS that support TLS 1.1 and 1.2 may be susceptible to this vulnerability if a user uses the switch to communicate with TLS peers that only support the older vulnerable versions of the protocol.\n\n**CVSS v2 Base Score:** 4.3 \n**CVSS Environmental Score*:** Undefined\n\n**CVSS Vector:** (AV:N/AC:M/Au:N/C:P/I:N/A:N)\n\n**AFFECTED PRODUCTS AND VERSIONS:**\n\nThis vulnerability potentially affects all IBM System Networking Ethernet switches and legacy BNT Ethernet switches (including those used in IBM Flex Systems and IBM BladeCenter products). This includes versions and releases that are no longer in support.\n\n**REMEDIATION:**\n\nNone.\n\n**WORKAROUND:**\n\nCustomers can avoid this vulnerability altogether by not using the BBI feature on their IBM Ethernet switches; instead, customers would use Secure Shell (SSH) to administer the device via command line. IBM recommends that customers running versions of NOS that are older than NOS 6.7 not use BBI, as those versions of NOS do not support TLS 1.1 and 1.2. IBM recommends that customers running NOS 6.7 or later on their IBM Ethernet switches who want to continue using BBI do so to communicate only with Web browsers that also support TLS 1.1 and 1.2. Similarly, to the extent any future NOS features use the TLS protocol, IBM recommends that customers use those features only to communicate with TLS peers that also support TLS 1.1 and 1.2.\n\n**MITIGATION:**\n\nNone.\n\n \n**REFERENCES:**\n\n * [_Complete CVSS Guide_](<http://www.first.org/cvss/cvss-guide.html>)\n * [_On-line Calculator V2_](<http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2>)\n * [_CVE-2011-3389_](<https://vulners.com/cve/CVE-2011-3389>)\n * [X-Force Vulnerability Database](<http://xforce.iss.net/xforce/xfdb/70069>)\n \n**RELATED INFORMATION:** [_ IBM Secure Engineering Web Portal_](<https://www-304.ibm.com/jct03001c/security/secure-engineering/>) \n[_IBM Product Security Incident Response Blog_](<https://www.ibm.com/blogs/PSIRT>) \n \n**CHANGE HISTORY:**\n\n \n<October 10, 2013>: Original Copy Published.\n\n \n*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Flash. \n\nNote: According to the Forum of Incident Response and Security Teams (FIRST), the Common Vulnerability Scoring System (CVSS) is an \"industry open standard designed to convey vulnerability severity and help to determine urgency and priority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY OF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT OF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n## ", "cvss3": {}, "published": "2023-04-14T14:32:25", "type": "ibm", "title": "Security Bulletin: Vulnerability in Transport Layer Security Protocol\n Used in IBM System Networking Ethernet Switches (CVE-2011-3389)", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-3389"], "modified": "2023-04-14T14:32:25", "id": "5EFA13785CC30ADD58A09C8067C048A172DF46A415459750DB97A4B2E8C6095E", "href": "https://www.ibm.com/support/pages/node/863230", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-02-27T21:51:44", "description": "## Summary\n\nBrowser Exploit Against SSL/TLS (a.k.a. BEAST) vulnerability is observed. In TLS 1.0 and earlier, it is possible to predict the Initialization Vector (IV) of the block cipher encryption. This allows a man-in-the-middle attacker to guess the plaintext being encrypted. The affected products are in TLS 1.0 and earlier.\n\n## Vulnerability Details\n\n** Third Party Entry: **PSIRT-ADV0016851 \n** DESCRIPTION: ** \nCVSS Base score: 4.7 \nCVSS Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N\n\n## Aff
Fedora Update for Pound FEDORA-2014-13764
