Lucene search
Copyright (C) 2023 Greenbone AGOPENVAS:13614125623114202307601HistoryMar 28, 2023 - 12:00 a.m.
SUSE: Security Advisory (SUSE-SU-2023:0760-1)
2023-03-2800:00:00
Copyright (C) 2023 Greenbone AG
plugins.openvas.org
4
The remote host is missing an update for the
# SPDX-FileCopyrightText: 2023 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.1.4.2023.0760.1");
script_cve_id("CVE-2023-0512", "CVE-2023-1127", "CVE-2023-1170", "CVE-2023-1175");
script_tag(name:"creation_date", value:"2023-03-28 13:04:06 +0000 (Tue, 28 Mar 2023)");
script_version("2024-02-02T14:37:51+0000");
script_tag(name:"last_modification", value:"2024-02-02 14:37:51 +0000 (Fri, 02 Feb 2024)");
script_tag(name:"cvss_base", value:"7.2");
script_tag(name:"cvss_base_vector", value:"AV:L/AC:L/Au:N/C:C/I:C/A:C");
script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_tag(name:"severity_origin", value:"NVD");
script_tag(name:"severity_date", value:"2023-03-09 00:55:07 +0000 (Thu, 09 Mar 2023)");
script_name("SUSE: Security Advisory (SUSE-SU-2023:0760-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2023 Greenbone AG");
script_family("SuSE Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/suse_sles", "ssh/login/rpms", re:"ssh/login/release=(SLES12\.0SP2|SLES12\.0SP4|SLES12\.0SP5)");
script_xref(name:"Advisory-ID", value:"SUSE-SU-2023:0760-1");
script_xref(name:"URL", value:"https://www.suse.com/support/update/announcement/2023/suse-su-20230760-1/");
script_xref(name:"URL", value:"https://github.com/vim/vim/compare/v9.0.1234...v9.0.1386");
script_tag(name:"summary", value:"The remote host is missing an update for the 'vim' package(s) announced via the SUSE-SU-2023:0760-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"This update for vim fixes the following issues:
CVE-2023-0512: Fixed a divide By Zero (bsc#1207780).
CVE-2023-1175: vim: an incorrect calculation of buffer size (bsc#1208957).
CVE-2023-1170: Fixed a heap-based Buffer Overflow (bsc#1208959).
CVE-2023-1127: Fixed divide by zero in scrolldown() (bsc#1208828).
Updated to version 9.0 with patch level 1386.
[link moved to references]");
script_tag(name:"affected", value:"'vim' package(s) on SUSE Linux Enterprise High Performance Computing 12-SP5, SUSE Linux Enterprise Server 12-SP2, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server for SAP Applications 12-SP4, SUSE Linux Enterprise Server for SAP Applications 12-SP5, SUSE OpenStack Cloud 9, SUSE OpenStack Cloud Crowbar 9.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-rpm.inc");
release = rpm_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "SLES12.0SP2") {
if(!isnull(res = isrpmvuln(pkg:"gvim", rpm:"gvim~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"gvim-debuginfo", rpm:"gvim-debuginfo~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim", rpm:"vim~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-data", rpm:"vim-data~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-data-common", rpm:"vim-data-common~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-debuginfo", rpm:"vim-debuginfo~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-debugsource", rpm:"vim-debugsource~9.0.1386~17.15.4", rls:"SLES12.0SP2"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP4") {
if(!isnull(res = isrpmvuln(pkg:"gvim", rpm:"gvim~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"gvim-debuginfo", rpm:"gvim-debuginfo~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim", rpm:"vim~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-data", rpm:"vim-data~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-data-common", rpm:"vim-data-common~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-debuginfo", rpm:"vim-debuginfo~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-debugsource", rpm:"vim-debugsource~9.0.1386~17.15.4", rls:"SLES12.0SP4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "SLES12.0SP5") {
if(!isnull(res = isrpmvuln(pkg:"gvim", rpm:"gvim~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"gvim-debuginfo", rpm:"gvim-debuginfo~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim", rpm:"vim~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-data", rpm:"vim-data~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-data-common", rpm:"vim-data-common~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-debuginfo", rpm:"vim-debuginfo~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(!isnull(res = isrpmvuln(pkg:"vim-debugsource", rpm:"vim-debugsource~9.0.1386~17.15.4", rls:"SLES12.0SP5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
SUSE SLES12 Security Update : vim (SUSE-SU-2023:0760-1)
2023-03-17 00:00:00
Fedora 36 : vim (2023-030318ca00)
2023-04-02 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:0781-1)
2023-03-28 00:00:00
Mageia: Security Advisory (MGASA-2023-0110)
2023-03-28 00:00:00
Fedora: Security Advisory for vim (FEDORA-2023-030318ca00)
2023-04-03 00:00:00
mageia
mageia
Updated vim packages fix security vulnerability
2023-03-24 08:55:49
fedora
fedora
[SECURITY] Fedora 36 Update: vim-9.0.1407-1.fc36
2023-04-02 01:34:22
[SECURITY] Fedora 38 Update: vim-9.0.1407-1.fc38
2023-03-20 00:20:16
[SECURITY] Fedora 37 Update: vim-9.0.1407-1.fc37
2023-03-20 01:39:05
slackware
slackware
[slackware-security] vim
2023-03-20 19:36:04
rosalinux
rosalinux
Advisory ROSA-SA-2023-2268
2023-10-22 06:02:22
amazon
amazon
huntr
huntr
Incorrect Calculation of Buffer Size in function yank_copy_line
2023-01-29 02:39:59
Divide By Zero in function adjust_skipcol
2023-01-23 13:11:35
heap-buffer-overflow in utf_ptr2char
2023-03-01 01:52:52
cbl_mariner
cbl_mariner
CVE-2023-1175 affecting package vim for versions less than 9.0.1402-1
2023-03-24 23:57:10
CVE-2023-1175 affecting package vim 9.0.1247-1
2023-04-07 04:59:55
CVE-2023-0512 affecting package vim 9.0.1189-1
2023-02-14 02:36:00
cgr
cgr
CVE-2023-1175 vulnerabilities
2024-05-18 03:08:02
CVE-2023-1127 vulnerabilities
2024-05-18 03:08:02
debiancve
debiancve
alpinelinux
alpinelinux
ubuntucve
ubuntucve
prion
prion
Code injection
2023-03-04 16:15:00
Design/Logic Flaw
2023-01-30 16:15:00
Heap overflow
2023-03-03 23:15:00
redhatcve
redhatcve
cloudlinux
cloudlinux
vim: Fix of CVE-2023-1175
2023-03-14 19:09:20
vim: Fix of CVE-2023-1170
2023-03-27 13:49:44
veracode
veracode
Denial Of Service (DoS)
2023-03-12 17:02:41
Incorrect Calculation
2023-03-10 14:13:52
Denial Of Service (DoS)
2023-03-10 14:11:24
osv
osv
redos
redos
ROS-20230203-02
2023-02-03 00:00:00
ROS-20230320-01
2023-03-20 00:00:00
cvelist
cvelist
CVE-2023-0512 Divide By Zero in vim/vim
2023-01-26 00:00:00
CVE-2023-1127 Divide By Zero in vim/vim
2023-03-01 00:00:00
CVE-2023-1175 Incorrect Calculation of Buffer Size in vim/vim
2023-03-04 00:00:00
cve
cve
wolfi
wolfi
CVE-2023-1175 vulnerabilities
2024-05-18 03:12:40
CVE-2023-1127 vulnerabilities
2024-05-18 03:12:40
cloudfoundry
cloudfoundry
USN-5963-1: Vim vulnerabilities | Cloud Foundry
2023-04-29 00:00:00
ubuntu
ubuntu
Vim vulnerabilities
2023-03-20 00:00:00
debian
debian
[SECURITY] [DLA 3453-1] vim security update
2023-06-12 17:41:50
photon
photon
Critical Photon OS Security Update - PHSA-2023-5.0-0009
2023-05-22 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0380
2023-04-25 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0568
2023-04-19 00:00:00
ibm
ibm
apple
apple
About the security content of macOS Big Sur 11.7.5
2023-03-27 00:00:00
About the security content of macOS Monterey 12.6.4
2023-03-27 00:00:00
About the security content of macOS Ventura 13.3
2023-03-27 00:00:00
7.7 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
32.0%
Related for OPENVAS:13614125623114202307601