Search...

Fedora Update for nano FEDORA-2010-13157

2010-09-10T00:00:00

ID OPENVAS:862379
Type openvas
Reporter Copyright (c) 2010 Greenbone Networks GmbH
Modified 2017-12-25T00:00:00

Description

Check for the Version of nano

                                        
                                            ###############################################################################
# OpenVAS Vulnerability Test
#
# Fedora Update for nano FEDORA-2010-13157
#
# Authors:
# System Generated Check
#
# Copyright:
# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

include("revisions-lib.inc");
tag_affected = "nano on Fedora 12";
tag_insight = "GNU nano is a small and friendly text editor.";
tag_solution = "Please Install the Updated Packages.";


if(description)
{
  script_xref(name : "URL" , value : "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047219.html");
  script_id(862379);
  script_version("$Revision: 8243 $");
  script_tag(name:"last_modification", value:"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $");
  script_tag(name:"creation_date", value:"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)");
  script_tag(name:"cvss_base", value:"3.7");
  script_tag(name:"cvss_base_vector", value:"AV:L/AC:H/Au:N/C:P/I:P/A:P");
  script_xref(name: "FEDORA", value: "2010-13157");
  script_cve_id("CVE-2010-1160", "CVE-2010-1161");
  script_name("Fedora Update for nano FEDORA-2010-13157");

  script_tag(name: "summary" , value: "Check for the Version of nano");
  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2010 Greenbone Networks GmbH");
  script_family("Fedora Local Security Checks");
  script_dependencies("gather-package-list.nasl");
  script_mandatory_keys("ssh/login/fedora", "ssh/login/rpms");
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name:"qod_type", value:"package");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("pkg-lib-rpm.inc");

release = get_kb_item("ssh/login/release");


res = "";
if(release == NULL){
  exit(0);
}

if(release == "FC12")
{

  if ((res = isrpmvuln(pkg:"nano", rpm:"nano~2.0.9~7.fc12", rls:"FC12")) != NULL)
  {
    security_message(data:res);
    exit(0);
  }

  if (__pkg_match) exit(99); # Not vulnerable.
  exit(0);
}

JSON Vulners Source

Initial Source

{"id": "OPENVAS:862379", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for nano FEDORA-2010-13157", "description": "Check for the Version of nano", "published": "2010-09-10T00:00:00", "modified": "2017-12-25T00:00:00", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=862379", "reporter": "Copyright (c) 2010 Greenbone Networks GmbH", "references": ["2010-13157", "http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047219.html"], "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "lastseen": "2018-01-02T10:54:33", "viewCount": 0, "enchantments": {"score": {"value": 5.1, "vector": "NONE", "modified": "2018-01-02T10:54:33", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2010-1160", "CVE-2010-1161"]}, {"type": "openvas", "idList": ["OPENVAS:69011", "OPENVAS:136141256231069011", "OPENVAS:861933", "OPENVAS:1361412562310861930", "OPENVAS:861930", "OPENVAS:1361412562310861933", "OPENVAS:1361412562310862379"]}, {"type": "nessus", "idList": ["FEDORA_2010-6735.NASL", "FEDORA_2010-6775.NASL", "FEDORA_2010-13157.NASL", "GENTOO_GLSA-201006-08.NASL", "FEDORA_2010-6776.NASL"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:10892", "SECURITYVULNS:DOC:23971"]}, {"type": "gentoo", "idList": ["GLSA-201006-08"]}], "modified": "2018-01-02T10:54:33", "rev": 2}, "vulnersScore": 5.1}, "pluginID": "862379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nano FEDORA-2010-13157\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nano on Fedora 12\";\ntag_insight = \"GNU nano is a small and friendly text editor.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047219.html\");\n script_id(862379);\n script_version(\"$Revision: 8243 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-25 07:30:04 +0100 (Mon, 25 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13157\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Fedora Update for nano FEDORA-2010-13157\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nano\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.0.9~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks"}

{"cve": [{"lastseen": "2021-02-02T05:44:56", "description": "Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, allows local user-assisted attackers to change the ownership of arbitrary files via vectors related to the creation of backup files.", "edition": 6, "cvss3": {}, "published": "2010-04-16T19:30:00", "title": "CVE-2010-1161", "type": "cve", "cwe": ["CWE-362"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 1.9, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "HIGH", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 3.7, "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1161"], "modified": "2010-06-07T04:00:00", "cpe": ["cpe:/a:gnu:nano:0.8.5", "cpe:/a:gnu:nano:1.3.1", "cpe:/a:gnu:nano:1.3.0", "cpe:/a:gnu:nano:1.0.4", "cpe:/a:gnu:nano:0.9.10", "cpe:/a:gnu:nano:0.9.18", "cpe:/a:gnu:nano:1.2.1", "cpe:/a:gnu:nano:2.1.0", "cpe:/a:gnu:nano:1.0.2", "cpe:/a:gnu:nano:2.1.3", "cpe:/a:gnu:nano:1.9.99pre1", "cpe:/a:gnu:nano:2.0.8", "cpe:/a:gnu:nano:1.0.6", "cpe:/a:gnu:nano:1.2.2", "cpe:/a:gnu:nano:0.9.7", "cpe:/a:gnu:nano:1.1.99pre1", "cpe:/a:gnu:nano:1.1.10", "cpe:/a:gnu:nano:0.5.4", "cpe:/a:gnu:nano:2.1.11", "cpe:/a:gnu:nano:0.9.11", "cpe:/a:gnu:nano:1.0.0", "cpe:/a:gnu:nano:0.9.2", "cpe:/a:gnu:nano:1.1.9", "cpe:/a:gnu:nano:1.3.10", "cpe:/a:gnu:nano:2.1.10", "cpe:/a:gnu:nano:0.7.1", "cpe:/a:gnu:nano:1.0.1", "cpe:/a:gnu:nano:0.9.16", "cpe:/a:gnu:nano:1.3.4", "cpe:/a:gnu:nano:1.1.4", "cpe:/a:gnu:nano:0.8.4", "cpe:/a:gnu:nano:0.7.2", "cpe:/a:gnu:nano:2.1.7", "cpe:/a:gnu:nano:2.1.6", "cpe:/a:gnu:nano:0.8.8", "cpe:/a:gnu:nano:2.1.99pre2", "cpe:/a:gnu:nano:0.8.9", "cpe:/a:gnu:nano:1.3.8", "cpe:/a:gnu:nano:0.9.99pre3", "cpe:/a:gnu:nano:2.0.5", "cpe:/a:gnu:nano:0.9.99pre2", "cpe:/a:gnu:nano:1.3.2", "cpe:/a:gnu:nano:1.0.9", "cpe:/a:gnu:nano:0.5.5", "cpe:/a:gnu:nano:0.7.9", "cpe:/a:gnu:nano:1.1.6", "cpe:/a:gnu:nano:0.9.25", "cpe:/a:gnu:nano:0.8.0", "cpe:/a:gnu:nano:0.9.20", "cpe:/a:gnu:nano:0.7.0", "cpe:/a:gnu:nano:0.5.3", "cpe:/a:gnu:nano:0.9.4", "cpe:/a:gnu:nano:1.3.5", "cpe:/a:gnu:nano:0.9.12", "cpe:/a:gnu:nano:0.6.3", "cpe:/a:gnu:nano:0.6.9", "cpe:/a:gnu:nano:2.2.0", "cpe:/a:gnu:nano:2.1.4", "cpe:/a:gnu:nano:0.9.21", "cpe:/a:gnu:nano:0.9.1", "cpe:/a:gnu:nano:0.6.2", "cpe:/a:gnu:nano:2.1.5", "cpe:/a:gnu:nano:1.1.1", "cpe:/a:gnu:nano:1.3.7", "cpe:/a:gnu:nano:0.7.6", "cpe:/a:gnu:nano:0.9.15", "cpe:/a:gnu:nano:0.8.2", "cpe:/a:gnu:nano:2.1.99pre1", "cpe:/a:gnu:nano:2.1.9", "cpe:/a:gnu:nano:2.0.1", "cpe:/a:gnu:nano:0.8.6", "cpe:/a:gnu:nano:1.1.0", "cpe:/a:gnu:nano:0.7.5", "cpe:/a:gnu:nano:2.0.4", "cpe:/a:gnu:nano:2.2.1", "cpe:/a:gnu:nano:0.9.23", "cpe:/a:gnu:nano:2.1.2", "cpe:/a:gnu:nano:0.9.13", "cpe:/a:gnu:nano:1.1.8", "cpe:/a:gnu:nano:1.0.8", "cpe:/a:gnu:nano:0.6.4", "cpe:/a:gnu:nano:1.1.12", "cpe:/a:gnu:nano:0.9.5", "cpe:/a:gnu:nano:0.7.7", "cpe:/a:gnu:nano:2.0.7", "cpe:/a:gnu:nano:0.8.3", "cpe:/a:gnu:nano:1.1.7", "cpe:/a:gnu:nano:1.3.12", "cpe:/a:gnu:nano:0.7.4", "cpe:/a:gnu:nano:1.2.4", "cpe:/a:gnu:nano:1.3.6", "cpe:/a:gnu:nano:0.9.24", "cpe:/a:gnu:nano:2.2.3", "cpe:/a:gnu:nano:2.0.2", "cpe:/a:gnu:nano:0.6.6", "cpe:/a:gnu:nano:1.2.5", "cpe:/a:gnu:nano:1.2.3", "cpe:/a:gnu:nano:2.1.8", "cpe:/a:gnu:nano:1.1.2", "cpe:/a:gnu:nano:1.0.3", "cpe:/a:gnu:nano:0.9.17", "cpe:/a:gnu:nano:0.9.19", "cpe:/a:gnu:nano:2.0.3", "cpe:/a:gnu:nano:0.9.99pre1", "cpe:/a:gnu:nano:2.2.2", "cpe:/a:gnu:nano:1.9.99pre2", "cpe:/a:gnu:nano:1.0.5", "cpe:/a:gnu:nano:0.6.5", "cpe:/a:gnu:nano:1.3.3", "cpe:/a:gnu:nano:0.6.7", "cpe:/a:gnu:nano:0.8.7", "cpe:/a:gnu:nano:1.3.11", "cpe:/a:gnu:nano:1.1.99pre2", "cpe:/a:gnu:nano:0.9.0", "cpe:/a:gnu:nano:0.9.3", "cpe:/a:gnu:nano:0.7.3", "cpe:/a:gnu:nano:0.7.8", "cpe:/a:gnu:nano:1.1.99pre3", "cpe:/a:gnu:nano:2.1.1", "cpe:/a:gnu:nano:0.6.1", "cpe:/a:gnu:nano:0.9.9", "cpe:/a:gnu:nano:0.9.6", "cpe:/a:gnu:nano:1.1.11", "cpe:/a:gnu:nano:0.5.0", "cpe:/a:gnu:nano:2.0.6", "cpe:/a:gnu:nano:1.1.3", "cpe:/a:gnu:nano:1.2.0", "cpe:/a:gnu:nano:0.9.22", "cpe:/a:gnu:nano:1.0.7", "cpe:/a:gnu:nano:0.6.0", "cpe:/a:gnu:nano:0.9.8", "cpe:/a:gnu:nano:1.9.99pre3", "cpe:/a:gnu:nano:0.8.1", "cpe:/a:gnu:nano:0.5.1", "cpe:/a:gnu:nano:1.1.5", "cpe:/a:gnu:nano:0.9.14", "cpe:/a:gnu:nano:0.5.2", "cpe:/a:gnu:nano:1.3.9", "cpe:/a:gnu:nano:2.0.0", "cpe:/a:gnu:nano:0.6.8", "cpe:/a:gnu:nano:2.0.9"], "id": "CVE-2010-1161", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1161", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:gnu:nano:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.25:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.9.99pre3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.99pre3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.9.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.99pre2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.99pre2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.24:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.99pre3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.9.99pre2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.99pre2:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:44:56", "description": "GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a file-save operation, which allows local user-assisted attackers to overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim.", "edition": 6, "cvss3": {}, "published": "2010-04-16T19:30:00", "title": "CVE-2010-1160", "type": "cve", "cwe": ["CWE-59"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 1.9, "vectorString": "AV:L/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2010-1160"], "modified": "2010-06-07T04:00:00", "cpe": ["cpe:/a:gnu:nano:0.8.5", "cpe:/a:gnu:nano:1.3.1", "cpe:/a:gnu:nano:1.3.0", "cpe:/a:gnu:nano:1.0.4", "cpe:/a:gnu:nano:0.9.10", "cpe:/a:gnu:nano:0.9.18", "cpe:/a:gnu:nano:1.2.1", "cpe:/a:gnu:nano:2.1.0", "cpe:/a:gnu:nano:1.0.2", "cpe:/a:gnu:nano:2.1.3", "cpe:/a:gnu:nano:1.9.99pre1", "cpe:/a:gnu:nano:2.0.8", "cpe:/a:gnu:nano:1.0.6", "cpe:/a:gnu:nano:1.2.2", "cpe:/a:gnu:nano:0.9.7", "cpe:/a:gnu:nano:1.1.99pre1", "cpe:/a:gnu:nano:1.1.10", "cpe:/a:gnu:nano:0.5.4", "cpe:/a:gnu:nano:2.1.11", "cpe:/a:gnu:nano:0.9.11", "cpe:/a:gnu:nano:1.0.0", "cpe:/a:gnu:nano:0.9.2", "cpe:/a:gnu:nano:1.1.9", "cpe:/a:gnu:nano:1.3.10", "cpe:/a:gnu:nano:2.1.10", "cpe:/a:gnu:nano:0.7.1", "cpe:/a:gnu:nano:1.0.1", "cpe:/a:gnu:nano:0.9.16", "cpe:/a:gnu:nano:1.3.4", "cpe:/a:gnu:nano:1.1.4", "cpe:/a:gnu:nano:0.8.4", "cpe:/a:gnu:nano:0.7.2", "cpe:/a:gnu:nano:2.1.7", "cpe:/a:gnu:nano:2.1.6", "cpe:/a:gnu:nano:0.8.8", "cpe:/a:gnu:nano:2.1.99pre2", "cpe:/a:gnu:nano:0.8.9", "cpe:/a:gnu:nano:1.3.8", "cpe:/a:gnu:nano:0.9.99pre3", "cpe:/a:gnu:nano:2.0.5", "cpe:/a:gnu:nano:0.9.99pre2", "cpe:/a:gnu:nano:1.3.2", "cpe:/a:gnu:nano:1.0.9", "cpe:/a:gnu:nano:0.5.5", "cpe:/a:gnu:nano:0.7.9", "cpe:/a:gnu:nano:1.1.6", "cpe:/a:gnu:nano:0.9.25", "cpe:/a:gnu:nano:0.8.0", "cpe:/a:gnu:nano:0.9.20", "cpe:/a:gnu:nano:0.7.0", "cpe:/a:gnu:nano:0.5.3", "cpe:/a:gnu:nano:0.9.4", "cpe:/a:gnu:nano:1.3.5", "cpe:/a:gnu:nano:0.9.12", "cpe:/a:gnu:nano:0.6.3", "cpe:/a:gnu:nano:0.6.9", "cpe:/a:gnu:nano:2.2.0", "cpe:/a:gnu:nano:2.1.4", "cpe:/a:gnu:nano:0.9.21", "cpe:/a:gnu:nano:0.9.1", "cpe:/a:gnu:nano:0.6.2", "cpe:/a:gnu:nano:2.1.5", "cpe:/a:gnu:nano:1.1.1", "cpe:/a:gnu:nano:1.3.7", "cpe:/a:gnu:nano:0.7.6", "cpe:/a:gnu:nano:0.9.15", "cpe:/a:gnu:nano:0.8.2", "cpe:/a:gnu:nano:2.1.99pre1", "cpe:/a:gnu:nano:2.1.9", "cpe:/a:gnu:nano:2.0.1", "cpe:/a:gnu:nano:0.8.6", "cpe:/a:gnu:nano:1.1.0", "cpe:/a:gnu:nano:0.7.5", "cpe:/a:gnu:nano:2.0.4", "cpe:/a:gnu:nano:2.2.1", "cpe:/a:gnu:nano:0.9.23", "cpe:/a:gnu:nano:2.1.2", "cpe:/a:gnu:nano:0.9.13", "cpe:/a:gnu:nano:1.1.8", "cpe:/a:gnu:nano:1.0.8", "cpe:/a:gnu:nano:0.6.4", "cpe:/a:gnu:nano:1.1.12", "cpe:/a:gnu:nano:0.9.5", "cpe:/a:gnu:nano:0.7.7", "cpe:/a:gnu:nano:2.0.7", "cpe:/a:gnu:nano:0.8.3", "cpe:/a:gnu:nano:1.1.7", "cpe:/a:gnu:nano:1.3.12", "cpe:/a:gnu:nano:0.7.4", "cpe:/a:gnu:nano:1.2.4", "cpe:/a:gnu:nano:1.3.6", "cpe:/a:gnu:nano:0.9.24", "cpe:/a:gnu:nano:2.2.3", "cpe:/a:gnu:nano:2.0.2", "cpe:/a:gnu:nano:0.6.6", "cpe:/a:gnu:nano:1.2.5", "cpe:/a:gnu:nano:1.2.3", "cpe:/a:gnu:nano:2.1.8", "cpe:/a:gnu:nano:1.1.2", "cpe:/a:gnu:nano:1.0.3", "cpe:/a:gnu:nano:0.9.17", "cpe:/a:gnu:nano:0.9.19", "cpe:/a:gnu:nano:2.0.3", "cpe:/a:gnu:nano:0.9.99pre1", "cpe:/a:gnu:nano:2.2.2", "cpe:/a:gnu:nano:1.9.99pre2", "cpe:/a:gnu:nano:1.0.5", "cpe:/a:gnu:nano:0.6.5", "cpe:/a:gnu:nano:1.3.3", "cpe:/a:gnu:nano:0.6.7", "cpe:/a:gnu:nano:0.8.7", "cpe:/a:gnu:nano:1.3.11", "cpe:/a:gnu:nano:1.1.99pre2", "cpe:/a:gnu:nano:0.9.0", "cpe:/a:gnu:nano:0.9.3", "cpe:/a:gnu:nano:0.7.3", "cpe:/a:gnu:nano:0.7.8", "cpe:/a:gnu:nano:1.1.99pre3", "cpe:/a:gnu:nano:2.1.1", "cpe:/a:gnu:nano:0.6.1", "cpe:/a:gnu:nano:0.9.9", "cpe:/a:gnu:nano:0.9.6", "cpe:/a:gnu:nano:1.1.11", "cpe:/a:gnu:nano:0.5.0", "cpe:/a:gnu:nano:2.0.6", "cpe:/a:gnu:nano:1.1.3", "cpe:/a:gnu:nano:1.2.0", "cpe:/a:gnu:nano:0.9.22", "cpe:/a:gnu:nano:1.0.7", "cpe:/a:gnu:nano:0.6.0", "cpe:/a:gnu:nano:0.9.8", "cpe:/a:gnu:nano:1.9.99pre3", "cpe:/a:gnu:nano:0.8.1", "cpe:/a:gnu:nano:0.5.1", "cpe:/a:gnu:nano:1.1.5", "cpe:/a:gnu:nano:0.9.14", "cpe:/a:gnu:nano:0.5.2", "cpe:/a:gnu:nano:1.3.9", "cpe:/a:gnu:nano:2.0.0", "cpe:/a:gnu:nano:0.6.8", "cpe:/a:gnu:nano:2.0.9"], "id": "CVE-2010-1160", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-1160", "cvss": {"score": 1.9, "vector": "AV:L/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:gnu:nano:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.25:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.22:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.14:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.9.99pre3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.99pre3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.13:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.16:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.19:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.9.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.18:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.0:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.99pre2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.7:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.99pre2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.12:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.15:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.21:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.10:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.0.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.20:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.24:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.99pre1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.8:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.99pre3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.9.99pre2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.17:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.23:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.9.11:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:0.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.9:*:*:*:*:*:*:*", "cpe:2.3:a:gnu:nano:1.1.99pre2:*:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2019-05-29T18:39:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201006-08.", "modified": "2019-03-14T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:136141256231069011", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231069011", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201006-08 (nano)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201006_08.nasl 14171 2019-03-14 10:22:03Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.69011\");\n script_version(\"$Revision: 14171 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-14 11:22:03 +0100 (Thu, 14 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Gentoo Security Advisory GLSA 201006-08 (nano)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Race conditions when editing files could lead to symlink attacks or changes\n of ownerships of important files.\");\n script_tag(name:\"solution\", value:\"All nano users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-editors/nano-2.2.4'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201006-08\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=315355\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201006-08.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-editors/nano\", unaffected: make_list(\"ge 2.2.4\"), vulnerable: make_list(\"lt 2.2.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:54:07", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "Check for the Version of nano", "modified": "2017-12-26T00:00:00", "published": "2010-05-07T00:00:00", "id": "OPENVAS:1361412562310861930", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861930", "type": "openvas", "title": "Fedora Update for nano FEDORA-2010-6775", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nano FEDORA-2010-6775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nano on Fedora 12\";\ntag_insight = \"GNU nano is a small and friendly text editor.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040742.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861930\");\n script_version(\"$Revision: 8246 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 08:29:20 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-07 15:42:01 +0200 (Fri, 07 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-6775\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Fedora Update for nano FEDORA-2010-6775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nano\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.0.9~6.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-25T10:55:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "Check for the Version of nano", "modified": "2018-01-24T00:00:00", "published": "2010-09-10T00:00:00", "id": "OPENVAS:1361412562310862379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310862379", "type": "openvas", "title": "Fedora Update for nano FEDORA-2010-13157", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nano FEDORA-2010-13157\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nano on Fedora 12\";\ntag_insight = \"GNU nano is a small and friendly text editor.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-September/047219.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.862379\");\n script_version(\"$Revision: 8510 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 08:57:42 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-09-10 14:21:00 +0200 (Fri, 10 Sep 2010)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-13157\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Fedora Update for nano FEDORA-2010-13157\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nano\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.0.9~7.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:04:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "Check for the Version of nano", "modified": "2018-01-17T00:00:00", "published": "2010-05-07T00:00:00", "id": "OPENVAS:1361412562310861933", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310861933", "type": "openvas", "title": "Fedora Update for nano FEDORA-2010-6776", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nano FEDORA-2010-6776\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nano on Fedora 11\";\ntag_insight = \"GNU nano is a small and friendly text editor.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040678.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.861933\");\n script_version(\"$Revision: 8447 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:12:19 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-07 15:42:01 +0200 (Fri, 07 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-6776\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Fedora Update for nano FEDORA-2010-6776\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nano\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.0.9~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-14T11:48:27", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "Check for the Version of nano", "modified": "2017-12-13T00:00:00", "published": "2010-05-07T00:00:00", "id": "OPENVAS:861930", "href": "http://plugins.openvas.org/nasl.php?oid=861930", "type": "openvas", "title": "Fedora Update for nano FEDORA-2010-6775", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nano FEDORA-2010-6775\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nano on Fedora 12\";\ntag_insight = \"GNU nano is a small and friendly text editor.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040742.html\");\n script_id(861930);\n script_version(\"$Revision: 8092 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-13 07:31:16 +0100 (Wed, 13 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-07 15:42:01 +0200 (Fri, 07 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-6775\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Fedora Update for nano FEDORA-2010-6775\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nano\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC12\")\n{\n\n if ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.0.9~6.fc12\", rls:\"FC12\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-21T11:32:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "Check for the Version of nano", "modified": "2017-12-20T00:00:00", "published": "2010-05-07T00:00:00", "id": "OPENVAS:861933", "href": "http://plugins.openvas.org/nasl.php?oid=861933", "type": "openvas", "title": "Fedora Update for nano FEDORA-2010-6776", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for nano FEDORA-2010-6776\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2010 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_affected = \"nano on Fedora 11\";\ntag_insight = \"GNU nano is a small and friendly text editor.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2010-May/040678.html\");\n script_id(861933);\n script_version(\"$Revision: 8186 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-20 07:30:34 +0100 (Wed, 20 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2010-05-07 15:42:01 +0200 (Fri, 07 May 2010)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2010-6776\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Fedora Update for nano FEDORA-2010-6776\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of nano\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2010 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC11\")\n{\n\n if ((res = isrpmvuln(pkg:\"nano\", rpm:\"nano~2.0.9~1.fc11\", rls:\"FC11\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-09-04T14:20:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "The remote host is missing updates announced in\nadvisory GLSA 201006-08.", "modified": "2017-08-29T00:00:00", "published": "2011-03-09T00:00:00", "id": "OPENVAS:69011", "href": "http://plugins.openvas.org/nasl.php?oid=69011", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201006-08 (nano)", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Race conditions when editing files could lead to symlink attacks or changes\n of ownerships of important files.\";\ntag_solution = \"All nano users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-editors/nano-2.2.4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201006-08\nhttp://bugs.gentoo.org/show_bug.cgi?id=315355\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201006-08.\";\n\n \n \n\nif(description)\n{\n script_id(69011);\n script_version(\"$Revision: 7019 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-08-29 13:51:27 +0200 (Tue, 29 Aug 2017) $\");\n script_tag(name:\"creation_date\", value:\"2011-03-09 05:54:11 +0100 (Wed, 09 Mar 2011)\");\n script_tag(name:\"cvss_base\", value:\"3.7\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_name(\"Gentoo Security Advisory GLSA 201006-08 (nano)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2011 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"app-editors/nano\", unaffected: make_list(\"ge 2.2.4\"), vulnerable: make_list(\"lt 2.2.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "gentoo": [{"lastseen": "2016-09-06T19:47:07", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "### Background\n\nnano is a GNU GPL'd Pico clone with more functionality. \n\n### Description\n\nMultiple race condition vulnerabilities have been discovered in nano. For further information please consult the CVE entries referenced below. \n\n### Impact\n\nUnder certain conditions, a local, user-assisted attacker could possibly overwrite arbitrary files via a symlink attack on an attacker-owned file that is being edited by the victim, or change the ownership of arbitrary files. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll nano users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=app-editors/nano-2.2.4\"", "edition": 1, "modified": "2010-06-01T00:00:00", "published": "2010-06-01T00:00:00", "id": "GLSA-201006-08", "href": "https://security.gentoo.org/glsa/201006-08", "type": "gentoo", "title": "nano: Multiple vulnerabilities", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:37", "bulletinFamily": "software", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "Race conditions during temporary files creation.", "edition": 1, "modified": "2010-06-02T00:00:00", "published": "2010-06-02T00:00:00", "id": "SECURITYVULNS:VULN:10892", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:10892", "title": "nano editor symbolic links vulnerability", "type": "securityvulns", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:10:35", "bulletinFamily": "software", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 201006-08\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: nano: Multiple vulnerabilities\r\n Date: June 01, 2010\r\n Bugs: #315355\r\n ID: 201006-08\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nRace conditions when editing files could lead to symlink attacks or\r\nchanges of ownerships of important files.\r\n\r\nBackground\r\n==========\r\n\r\nnano is a GNU GPL'd Pico clone with more functionality.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 app-editors/nano < 2.2.4 >= 2.2.4\r\n\r\nDescription\r\n===========\r\n\r\nMultiple race condition vulnerabilities have been discovered in nano.\r\nFor further information please consult the CVE entries referenced\r\nbelow.\r\n\r\nImpact\r\n======\r\n\r\nUnder certain conditions, a local, user-assisted attacker could\r\npossibly overwrite arbitrary files via a symlink attack on an\r\nattacker-owned file that is being edited by the victim, or change the\r\nownership of arbitrary files.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll nano users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=app-editors/nano-2.2.4"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2010-1160\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1160\r\n [ 2 ] CVE-2010-1161\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1161\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-201006-08.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttps://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2010 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5\r\n", "edition": 1, "modified": "2010-06-02T00:00:00", "published": "2010-06-02T00:00:00", "id": "SECURITYVULNS:DOC:23971", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:23971", "title": "[ GLSA 201006-08 ] nano: Multiple vulnerabilities", "type": "securityvulns", "cvss": {"score": 3.7, "vector": "AV:LOCAL/AC:HIGH/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-07T10:52:38", "description": "The remote host is affected by the vulnerability described in GLSA-201006-08\n(nano: Multiple vulnerabilities)\n\n Multiple race condition vulnerabilities have been discovered in nano.\n For further information please consult the CVE entries referenced\n below.\n \nImpact :\n\n Under certain conditions, a local, user-assisted attacker could\n possibly overwrite arbitrary files via a symlink attack on an\n attacker-owned file that is being edited by the victim, or change the\n ownership of arbitrary files.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2010-06-02T00:00:00", "title": "GLSA-201006-08 : nano: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "modified": "2010-06-02T00:00:00", "cpe": ["cpe:/o:gentoo:linux", "p-cpe:/a:gentoo:linux:nano"], "id": "GENTOO_GLSA-201006-08.NASL", "href": "https://www.tenable.com/plugins/nessus/46775", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201006-08.\n#\n# The advisory text is Copyright (C) 2001-2016 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(46775);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_bugtraq_id(39502);\n script_xref(name:\"GLSA\", value:\"201006-08\");\n\n script_name(english:\"GLSA-201006-08 : nano: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201006-08\n(nano: Multiple vulnerabilities)\n\n Multiple race condition vulnerabilities have been discovered in nano.\n For further information please consult the CVE entries referenced\n below.\n \nImpact :\n\n Under certain conditions, a local, user-assisted attacker could\n possibly overwrite arbitrary files via a symlink attack on an\n attacker-owned file that is being edited by the victim, or change the\n ownership of arbitrary files.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201006-08\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All nano users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=app-editors/nano-2.2.4'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:nano\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/06/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"app-editors/nano\", unaffected:make_list(\"ge 2.2.4\"), vulnerable:make_list(\"lt 2.2.4\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:qpkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nano\");\n}\n", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:08:51", "description": "CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-07-01T00:00:00", "title": "Fedora 11 : nano-2.0.9-1.fc11 (2010-6776)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "modified": "2010-07-01T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nano", "cpe:/o:fedoraproject:fedora:11"], "id": "FEDORA_2010-6776.NASL", "href": "https://www.tenable.com/plugins/nessus/47452", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-6776.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47452);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_bugtraq_id(39502);\n script_xref(name:\"FEDORA\", value:\"2010-6776\");\n\n script_name(english:\"Fedora 11 : nano-2.0.9-1.fc11 (2010-6776)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582434\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-May/040678.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94c33a26\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nano package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nano\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^11([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 11.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC11\", reference:\"nano-2.0.9-1.fc11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nano\");\n}\n", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:07:56", "description": "CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-09-09T00:00:00", "title": "Fedora 12 : nano-2.0.9-7.fc12 (2010-13157)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "modified": "2010-09-09T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nano", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-13157.NASL", "href": "https://www.tenable.com/plugins/nessus/49153", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-13157.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(49153);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_bugtraq_id(39502);\n script_xref(name:\"FEDORA\", value:\"2010-13157\");\n\n script_name(english:\"Fedora 12 : nano-2.0.9-7.fc12 (2010-13157)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582434\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-September/047219.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?42e5f51e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nano package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nano\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/09/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"nano-2.0.9-7.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nano\");\n}\n", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:08:51", "description": "CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-07-01T00:00:00", "title": "Fedora 13 : nano-2.2.4-1.fc13 (2010-6735)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "modified": "2010-07-01T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:13", "p-cpe:/a:fedoraproject:fedora:nano"], "id": "FEDORA_2010-6735.NASL", "href": "https://www.tenable.com/plugins/nessus/47447", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-6735.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47447);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_bugtraq_id(39502);\n script_xref(name:\"FEDORA\", value:\"2010-6735\");\n\n script_name(english:\"Fedora 13 : nano-2.2.4-1.fc13 (2010-6735)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582434\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-April/040465.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?ea5baee3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nano package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nano\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:13\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^13([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 13.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC13\", reference:\"nano-2.2.4-1.fc13\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nano\");\n}\n", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:08:51", "description": "CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2010-07-01T00:00:00", "title": "Fedora 12 : nano-2.0.9-6.fc12 (2010-6775)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2010-1161", "CVE-2010-1160"], "modified": "2010-07-01T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:nano", "cpe:/o:fedoraproject:fedora:12"], "id": "FEDORA_2010-6775.NASL", "href": "https://www.tenable.com/plugins/nessus/47451", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2010-6775.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(47451);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2010-1160\", \"CVE-2010-1161\");\n script_bugtraq_id(39502);\n script_xref(name:\"FEDORA\", value:\"2010-6775\");\n\n script_name(english:\"Fedora 12 : nano-2.0.9-6.fc12 (2010-6775)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"CVE-2010-1160 CVE-2010-1161\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=582434\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2010-May/040742.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2e223420\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected nano package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:nano\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:12\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2010/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^12([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 12.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC12\", reference:\"nano-2.0.9-6.fc12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:rpm_report_get());\n else security_note(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"nano\");\n}\n", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1160", "CVE-2010-1161"], "description": "GNU nano is a small and friendly text editor. ", "modified": "2010-05-04T06:10:52", "published": "2010-05-04T06:10:52", "id": "FEDORA:8D71D111A09", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 11 Update: nano-2.0.9-1.fc11", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1160", "CVE-2010-1161"], "description": "GNU nano is a small and friendly text editor. ", "modified": "2010-04-30T23:41:33", "published": "2010-04-30T23:41:33", "id": "FEDORA:EB371112876", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 13 Update: nano-2.2.4-1.fc13", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1160", "CVE-2010-1161"], "description": "GNU nano is a small and friendly text editor. ", "modified": "2010-09-09T01:11:10", "published": "2010-09-09T01:11:10", "id": "FEDORA:AE39B110DDD", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: nano-2.0.9-7.fc12", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2010-1160", "CVE-2010-1161"], "description": "GNU nano is a small and friendly text editor. ", "modified": "2010-05-04T06:22:25", "published": "2010-05-04T06:22:25", "id": "FEDORA:8861A112147", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 12 Update: nano-2.0.9-6.fc12", "cvss": {"score": 3.7, "vector": "AV:L/AC:H/Au:N/C:P/I:P/A:P"}}]}