{"id": "OPENVAS:867280", "type": "openvas", "bulletinFamily": "scanner", "title": "Fedora Update for libreswan FEDORA-2014-1121", "description": "Check for the Version of libreswan", "published": "2014-02-05T00:00:00", "modified": "2017-07-10T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "http://plugins.openvas.org/nasl.php?oid=867280", "reporter": "Copyright (C) 2014 Greenbone Networks GmbH", "references": ["https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127438.html", "2014-1121"], "cvelist": ["CVE-2013-4564", "CVE-2013-6467"], "lastseen": "2017-07-25T10:48:57", "viewCount": 3, "enchantments": {"score": {"value": 5.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2013-4564", "CVE-2013-6467"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-4564", "DEBIANCVE:CVE-2013-6467"]}, {"type": "fedora", "idList": ["FEDORA:0FDC4223DC", "FEDORA:53A5C21010", "FEDORA:5761421F3A", "FEDORA:983D222138", "FEDORA:B05396087800", "FEDORA:CDE0F222FA"]}, {"type": "nessus", "idList": ["FEDORA_2013-23250.NASL", "FEDORA_2013-23299.NASL", "FEDORA_2013-23315.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310867178", "OPENVAS:1361412562310867180", "OPENVAS:1361412562310867257", "OPENVAS:1361412562310867280", "OPENVAS:1361412562310869443", "OPENVAS:867178", "OPENVAS:867180", "OPENVAS:867257"]}, {"type": "rapid7blog", "idList": ["RAPID7BLOG:47F2249FC4903D395D79675E2BE38D91"]}, {"type": "seebug", "idList": ["SSV:61286", "SSV:61354", "SSV:61495"]}]}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2013-4564", "CVE-2013-6467"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-6467"]}, {"type": "fedora", "idList": ["FEDORA:983D222138"]}, {"type": "nessus", "idList": ["FEDORA_2013-23315.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:867257"]}, {"type": "seebug", "idList": ["SSV:61495"]}]}, "exploitation": null, "vulnersScore": 5.6}, "pluginID": "867280", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2014-1121\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867280);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-05 09:53:45 +0530 (Wed, 05 Feb 2014)\");\n script_cve_id(\"CVE-2013-6467\", \"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2014-1121\");\n\n tag_insight = \"Libreswan is a free implementation of IPsec &amp IKE for Linux. IPsec is\nthe Internet Protocol Security and uses strong cryptography to provide\nboth authentication and encryption services. These services allow you\nto build secure tunnels through untrusted networks. Everything passing\nthrough the untrusted net is encrypted by the ipsec gateway machine and\ndecrypted by the gateway at the other end of the tunnel. The resulting\ntunnel is a virtual private network or VPN.\n\nThis package contains the daemons and userland tools for setting up\nLibreswan. To build KLIPS, see the kmod-libreswan.spec file.\n\nLibreswan also supports IKEv2 (RFC4309) and Secure Labeling\n\nLibreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04\n\";\n\n tag_affected = \"libreswan on Fedora 20\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-1121\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127438.html\");\n script_summary(\"Check for the Version of libreswan\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.8~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "naslFamily": "Fedora Local Security Checks", "immutableFields": [], "cvss2": {}, "cvss3": {}, "_state": {"dependencies": 1647589307, "score": 0}}

{"fedora": [{"lastseen": "2020-12-21T08:17:52", "description": "Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2 .04 ", "edition": 2, "cvss3": {}, "published": "2014-01-29T03:11:50", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libreswan-3.8-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564", "CVE-2013-6467"], "modified": "2014-01-29T03:11:50", "id": "FEDORA:5761421F3A", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:53", "description": "Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2 .04 ", "edition": 2, "cvss3": {}, "published": "2015-06-14T17:24:32", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libreswan-3.13-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564", "CVE-2013-6467", "CVE-2015-3204"], "modified": "2015-06-14T17:24:32", "id": "FEDORA:B05396087800", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2 .04 ", "edition": 2, "cvss3": {}, "published": "2014-01-29T03:07:51", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: libreswan-3.8-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6467"], "modified": "2014-01-29T03:07:51", "id": "FEDORA:983D222138", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2 .04 ", "edition": 2, "cvss3": {}, "published": "2013-12-23T03:43:20", "type": "fedora", "title": "[SECURITY] Fedora 19 Update: libreswan-3.7-1.fc19", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564"], "modified": "2013-12-23T03:43:20", "id": "FEDORA:CDE0F222FA", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2 .04 ", "edition": 2, "cvss3": {}, "published": "2013-12-23T03:41:31", "type": "fedora", "title": "[SECURITY] Fedora 18 Update: libreswan-3.7-1.fc18", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564"], "modified": "2013-12-23T03:41:31", "id": "FEDORA:53A5C21010", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:52", "description": "Libreswan is a free implementation of IPsec & IKE for Linux. IPsec is the Internet Protocol Security and uses strong cryptography to provide both authentication and encryption services. These services allow you to build secure tunnels through untrusted networks. Everything passing through the untrusted net is encrypted by the ipsec gateway machine and decrypted by the gateway at the other end of the tunnel. The resulting tunnel is a virtual private network or VPN. This package contains the daemons and userland tools for setting up Libreswan. To build KLIPS, see the kmod-libreswan.spec file. Libreswan also supports IKEv2 (RFC4309) and Secure Labeling Libreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2 .04 ", "edition": 2, "cvss3": {}, "published": "2013-12-23T03:45:24", "type": "fedora", "title": "[SECURITY] Fedora 20 Update: libreswan-3.7-1.fc20", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564"], "modified": "2013-12-23T03:45:24", "id": "FEDORA:0FDC4223DC", "href": "", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:37:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-02-05T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2014-1121", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564", "CVE-2013-6467"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867280", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867280", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2014-1121\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867280\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-02-05 09:53:45 +0530 (Wed, 05 Feb 2014)\");\n script_cve_id(\"CVE-2013-6467\", \"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2014-1121\");\n script_tag(name:\"affected\", value:\"libreswan on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-1121\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127438.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreswan'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.8~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:36:31", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2015-06-15T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2015-9388", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564", "CVE-2013-6467", "CVE-2015-3204"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310869443", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869443", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2015-9388\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869443\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2015-06-15 06:10:56 +0200 (Mon, 15 Jun 2015)\");\n script_cve_id(\"CVE-2015-3204\", \"CVE-2013-6467\", \"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for libreswan FEDORA-2015-9388\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreswan'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"libreswan on Fedora 20\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2015-9388\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2015-June/160122.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC20\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.13~1.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:44", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2014-01-30T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2014-1092", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6467"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867257", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867257", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2014-1092\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867257\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-30 10:43:08 +0530 (Thu, 30 Jan 2014)\");\n script_cve_id(\"CVE-2013-6467\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2014-1092\");\n script_tag(name:\"affected\", value:\"libreswan on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2014-1092\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127424.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreswan'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.8~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:48:46", "description": "Check for the Version of libreswan", "cvss3": {}, "published": "2014-01-30T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2014-1092", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6467"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:867257", "href": "http://plugins.openvas.org/nasl.php?oid=867257", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2014-1092\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2014 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867257);\n script_version(\"$Revision: 6629 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:33:41 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2014-01-30 10:43:08 +0530 (Thu, 30 Jan 2014)\");\n script_cve_id(\"CVE-2013-6467\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2014-1092\");\n\n tag_insight = \"Libreswan is a free implementation of IPsec &amp IKE for Linux. IPsec is\nthe Internet Protocol Security and uses strong cryptography to provide\nboth authentication and encryption services. These services allow you\nto build secure tunnels through untrusted networks. Everything passing\nthrough the untrusted net is encrypted by the ipsec gateway machine and\ndecrypted by the gateway at the other end of the tunnel. The resulting\ntunnel is a virtual private network or VPN.\n\nThis package contains the daemons and userland tools for setting up\nLibreswan. To build KLIPS, see the kmod-libreswan.spec file.\n\nLibreswan also supports IKEv2 (RFC4309) and Secure Labeling\n\nLibreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04\n\";\n\n tag_affected = \"libreswan on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2014-1092\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127424.html\");\n script_summary(\"Check for the Version of libreswan\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2014 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.8~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2013-23315", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867180", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2013-23315\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867180\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-23 11:08:28 +0530 (Mon, 23 Dec 2013)\");\n script_cve_id(\"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2013-23315\");\n\n\n script_tag(name:\"affected\", value:\"libreswan on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-23315\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124928.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreswan'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.7~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:51:29", "description": "Check for the Version of libreswan", "cvss3": {}, "published": "2013-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2013-23299", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:867178", "href": "http://plugins.openvas.org/nasl.php?oid=867178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2013-23299\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867178);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-23 11:06:18 +0530 (Mon, 23 Dec 2013)\");\n script_cve_id(\"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2013-23299\");\n\n tag_insight = \"Libreswan is a free implementation of IPsec &amp IKE for Linux. IPsec is\nthe Internet Protocol Security and uses strong cryptography to provide\nboth authentication and encryption services. These services allow you\nto build secure tunnels through untrusted networks. Everything passing\nthrough the untrusted net is encrypted by the ipsec gateway machine and\ndecrypted by the gateway at the other end of the tunnel. The resulting\ntunnel is a virtual private network or VPN.\n\nThis package contains the daemons and userland tools for setting up\nLibreswan. To build KLIPS, see the kmod-libreswan.spec file.\n\nLibreswan also supports IKEv2 (RFC4309) and Secure Labeling\n\nLibreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04\n\";\n\n tag_affected = \"libreswan on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-23299\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124911.html\");\n script_summary(\"Check for the Version of libreswan\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.7~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:09:25", "description": "Check for the Version of libreswan", "cvss3": {}, "published": "2013-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2013-23315", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:867180", "href": "http://plugins.openvas.org/nasl.php?oid=867180", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2013-23315\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(867180);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-23 11:08:28 +0530 (Mon, 23 Dec 2013)\");\n script_cve_id(\"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2013-23315\");\n\n tag_insight = \"Libreswan is a free implementation of IPsec &amp IKE for Linux. IPsec is\nthe Internet Protocol Security and uses strong cryptography to provide\nboth authentication and encryption services. These services allow you\nto build secure tunnels through untrusted networks. Everything passing\nthrough the untrusted net is encrypted by the ipsec gateway machine and\ndecrypted by the gateway at the other end of the tunnel. The resulting\ntunnel is a virtual private network or VPN.\n\nThis package contains the daemons and userland tools for setting up\nLibreswan. To build KLIPS, see the kmod-libreswan.spec file.\n\nLibreswan also supports IKEv2 (RFC4309) and Secure Labeling\n\nLibreswan is based on Openswan-2.6.38 which in turn is based on FreeS/WAN-2.04\n\";\n\n tag_affected = \"libreswan on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-23315\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124928.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of libreswan\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.7~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-12-23T00:00:00", "type": "openvas", "title": "Fedora Update for libreswan FEDORA-2013-23299", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310867178", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310867178", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for libreswan FEDORA-2013-23299\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.867178\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-23 11:06:18 +0530 (Mon, 23 Dec 2013)\");\n script_cve_id(\"CVE-2013-4564\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for libreswan FEDORA-2013-23299\");\n\n\n script_tag(name:\"affected\", value:\"libreswan on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-23299\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124911.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libreswan'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"libreswan\", rpm:\"libreswan~3.7~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2022-03-27T15:06:48", "description": "Updated to 3.8, fixes CVE-2013-6467 (rhbz#1054102)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-29T00:00:00", "type": "nessus", "title": "Fedora 19 : libreswan-3.8-1.fc19 (2014-1092)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6467"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libreswan", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2014-1092.NASL", "href": "https://www.tenable.com/plugins/nessus/72190", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-1092.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72190);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(64987);\n script_xref(name:\"FEDORA\", value:\"2014-1092\");\n\n script_name(english:\"Fedora 19 : libreswan-3.8-1.fc19 (2014-1092)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated to 3.8, fixes CVE-2013-6467 (rhbz#1054102)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1054102\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127424.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1482728\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"libreswan-3.8-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreswan\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-04-13T14:50:32", "description": "Updated to 3.8, fixes CVE-2013-6467 (rhbz#1054102)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2014-01-29T00:00:00", "type": "nessus", "title": "Fedora 20 : libreswan-3.8-1.fc20 (2014-1121)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-6467"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libreswan", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2014-1121.NASL", "href": "https://www.tenable.com/plugins/nessus/72191", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2014-1121.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(72191);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_bugtraq_id(64987);\n script_xref(name:\"FEDORA\", value:\"2014-1121\");\n\n script_name(english:\"Fedora 20 : libreswan-3.8-1.fc20 (2014-1121)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated to 3.8, fixes CVE-2013-6467 (rhbz#1054102)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1054102\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2014-January/127438.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3728c312\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/01/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"libreswan-3.8-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreswan\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:01", "description": "Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM Improved Cisco interop, IKEv2 improvements, bugfixes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-12-23T00:00:00", "type": "nessus", "title": "Fedora 18 : libreswan-3.7-1.fc18 (2013-23299)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libreswan", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-23299.NASL", "href": "https://www.tenable.com/plugins/nessus/71591", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-23299.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71591);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4564\");\n script_xref(name:\"FEDORA\", value:\"2013-23299\");\n\n script_name(english:\"Fedora 18 : libreswan-3.7-1.fc18 (2013-23299)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM Improved\nCisco interop, IKEv2 improvements, bugfixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1031830\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124911.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4a3fa2c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"libreswan-3.7-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreswan\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:51:58", "description": "Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-12-23T00:00:00", "type": "nessus", "title": "Fedora 20 : libreswan-3.7-1.fc20 (2013-23250)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libreswan", "cpe:/o:fedoraproject:fedora:20"], "id": "FEDORA_2013-23250.NASL", "href": "https://www.tenable.com/plugins/nessus/71589", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-23250.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71589);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4564\");\n script_xref(name:\"FEDORA\", value:\"2013-23250\");\n\n script_name(english:\"Fedora 20 : libreswan-3.7-1.fc20 (2013-23250)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1031830\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124943.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7538313c\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"libreswan-3.7-1.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreswan\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:52:06", "description": "Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM support Improved Cisco interop, IKEv2 improvements, bugfixes\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": null, "vector": null}, "published": "2013-12-23T00:00:00", "type": "nessus", "title": "Fedora 19 : libreswan-3.7-1.fc19 (2013-23315)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libreswan", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-23315.NASL", "href": "https://www.tenable.com/plugins/nessus/71592", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-23315.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71592);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-4564\");\n script_xref(name:\"FEDORA\", value:\"2013-23315\");\n\n script_name(english:\"Fedora 19 : libreswan-3.7-1.fc19 (2013-23315)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM support\nImproved Cisco interop, IKEv2 improvements, bugfixes\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1031830\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-December/124928.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b1450622\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libreswan package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libreswan\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"libreswan-3.7-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libreswan\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debiancve": [{"lastseen": "2022-05-26T07:34:36", "description": "Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.", "cvss3": {}, "published": "2014-01-26T20:55:00", "type": "debiancve", "title": "CVE-2013-6467", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6467"], "modified": "2014-01-26T20:55:00", "id": "DEBIANCVE:CVE-2013-6467", "href": "https://security-tracker.debian.org/tracker/CVE-2013-6467", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-05-26T07:34:36", "description": "Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.", "cvss3": {}, "published": "2014-01-07T17:04:00", "type": "debiancve", "title": "CVE-2013-4564", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564"], "modified": "2014-01-07T17:04:00", "id": "DEBIANCVE:CVE-2013-4564", "href": "https://security-tracker.debian.org/tracker/CVE-2013-4564", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "cve": [{"lastseen": "2022-03-23T14:35:23", "description": "Libreswan 3.7 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.", "cvss3": {}, "published": "2014-01-26T20:55:00", "type": "cve", "title": "CVE-2013-6467", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-6467"], "modified": "2017-08-29T01:33:00", "cpe": ["cpe:/a:libreswan:libreswan:3.6", "cpe:/a:libreswan:libreswan:3.0", "cpe:/a:libreswan:libreswan:3.1", "cpe:/a:libreswan:libreswan:3.4", "cpe:/a:libreswan:libreswan:3.5", "cpe:/a:libreswan:libreswan:3.3", "cpe:/a:libreswan:libreswan:3.7", "cpe:/a:libreswan:libreswan:3.2"], "id": "CVE-2013-6467", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-6467", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:libreswan:libreswan:3.4:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.5:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.3:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.2:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.7:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.0:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.6:*:*:*:*:*:*:*", "cpe:2.3:a:libreswan:libreswan:3.1:*:*:*:*:*:*:*"]}, {"lastseen": "2022-03-23T13:43:44", "description": "Libreswan 3.6 allows remote attackers to cause a denial of service (crash) via a small length value and (1) no version or (2) an invalid major number in an IKE packet.", "cvss3": {}, "published": "2014-01-07T17:04:00", "type": "cve", "title": "CVE-2013-4564", "cwe": ["CWE-189"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-4564"], "modified": "2014-02-25T18:02:00", "cpe": ["cpe:/a:libreswan:libreswan:3.6"], "id": "CVE-2013-4564", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4564", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:a:libreswan:libreswan:3.6:*:*:*:*:*:*:*"]}], "seebug": [{"lastseen": "2017-11-19T17:41:30", "description": "CVE ID\uff1aCVE-2013-4564\r\n\r\nLibreswan\u662f\u4e00\u6b3e\u7c7b\u4f3cOpenSwan\u7684IPsec\u5b9e\u73b0\u3002 \r\n\r\n1)\u5904\u7406&quot;process_packet()\u65b9\u6cd5(pluto/demux.c)\u4e2dIKE\u6570\u636e\u5305\u65f6\u7684\u9519\u8bef\uff0c\u5bfc\u81f4\u901a\u8fc7\u7279\u5236\u7684IKE\u6570\u636e\u5305\u9020\u6210libreswan\u91cd\u65b0\u542f\u52a8\u3002\r\n\r\n2)\u5904\u7406&quot;ikev2parent_inI1outR1()&quot;\u51fd\u6570\uff08pluto/ikev2_parent.c\u4e2dIKE\u901a\u544a\u62a5\u6587\u65f6\u7684\u9519\u8bef\uff0c\u5bfc\u81f4\u5229\u7528\u7279\u5236\u7684IKE\u5f15\u8d77libreswan\u91cd\u65b0\u542f\u52a8\u3002\r\n\r\n3)\u4e3aRHEL\u5904\u7406libreswan.spec\u6587\u4ef6\u65f6\u5e94\u7528\u7a0b\u5e8f\u4e0d\u5b89\u5168\u521b\u5efa/var/tmp/libreswan-nss-pwd\u6587\u4ef6\uff0c\u53ef\u88ab\u5229\u7528\u6765\u64cd\u7eb5\u67d0\u4e9b\u6570\u636e\u3002\n0\nlibreswan 3.x\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nlibreswan\r\n-----\r\nlibreswan 3.7\u7248\u672c\u4ee5\u4fee\u590d\u6b64\u6f0f\u6d1e\uff0c\u5efa\u8bae\u7528\u6237\u4e0b\u8f7d\u4f7f\u7528\uff1a\r\n\r\nhttps://lists.libreswan.org/pipermail/swan-announce/2013/000007.html", "cvss3": {}, "published": "2014-01-06T00:00:00", "title": "libreswan\u591a\u4e2a\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-4564"], "modified": "2014-01-06T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61286", "id": "SSV:61286", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:33:51", "description": "BUGTRAQ ID: 65155\r\nCVE(CAN) ID: CVE-2013-6466\r\n\r\nOpenswan\u662f\u4e00\u6b3eLinux\u7cfb\u7edf\u4e0b\u7684IPSEC\u5b9e\u73b0\uff0c\u57fa\u4e8eFreeS/WAN\u9879\u76ee\u3002\r\n\r\nOpenswan 2.6.39\u53ca\u4e4b\u524d\u7248\u672c\u5728\u5b9e\u73b0\u4e0a\u5b58\u5728\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u901a\u8fc7\u7578\u5f62\u7684IKEv2\u6570\u636e\u5305\uff0c\u5229\u7528\u6b64\u6f0f\u6d1e\u53ef\u9020\u6210\u5e94\u7528\u91cd\u542f\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\n0\nOpenswan Openswan &lt;= 2.6.39\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nOpenswan\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttp://www.openswan.org/ \r\nhttps://libreswan.org/security/CVE-2013-6467/CVE-2013-6467.txt", "cvss3": {}, "published": "2014-02-20T00:00:00", "type": "seebug", "title": "Openswan IKEv2\u8d1f\u8f7d\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-6466", "CVE-2013-6467"], "modified": "2014-02-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61495", "id": "SSV:61495", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T17:40:31", "description": "BUGTRAQ ID: 64984\r\nCVE(CAN) ID: CVE-2013-7294\r\n\r\nLibreswan\u662fLinux\u5e73\u53f0\u4e0a\u7684IPsec\u5b9e\u73b0\uff0c\u652f\u6301\u5f88\u591aIPsec\u6269\u5c55\uff0c\u5305\u62ecIKEv2, X.509 Digital Certificates, NAT Traversal\u7b49\u3002\r\n\r\nLibreswan 3.7\u4e4b\u524d\u7248\u672c\uff0cprograms/pluto/ikev2_parent.c\u5185\u7684\u51fd\u6570 ikev2parent_inI1outR1 \u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u53ef\u5bfc\u81f4\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u3002\u6b64\u6f0f\u6d1e\u6e90\u4e8e\u5904\u7406KE\u8d1f\u8f7d\u65f6\uff0cIKEv2 I1\u901a\u77e5\u5931\u8d25\u3002\n0\nlibreswan libreswan 3.6\n\u5382\u5546\u8865\u4e01\uff1a\r\n\r\nlibreswan\r\n---------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\nhttps://github.com/libreswan/libreswan\r\n\r\nhttps://lists.libreswan.org/pipermail/swan-announce/2013/000007.html\r\nhttps://libreswan.org/security/CVE-2013-4564/CVE-2013-4564.txt.asc", "cvss3": {}, "published": "2014-01-20T00:00:00", "title": "Libreswan 'ikev2parent_inI1outR1()'\u51fd\u6570\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvss2": {}, "cvelist": ["CVE-2013-4564", "CVE-2013-7294"], "modified": "2014-01-20T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-61354", "id": "SSV:61354", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "rapid7blog": [{"lastseen": "2021-01-29T14:48:39", "description": "\n\nWelcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thing or two about the nature of internet exposure, so we figured, why not break up all the protocol studies into their own reports?\n\nSo, here we are! What follows is taken directly from our National / Industry / Cloud Exposure Report (NICER), so if you don't want to wait around for the next installment, you can cheat and read ahead!\n\n#### [Research] Read the full NICER report today\n\n[Get Started](<https://www.rapid7.com/info/nicer-2020/>)\n\n \n\n\n## HTTP (TCP/80) &amp; HTTPS (TCP/443)\n\n_One protocol to bring them all, and in the darkness, bind them._\n\n### TLDR\n\n * **WHAT IT IS: HTTP: **Pristine, plaintext Hypertext Transfer Protocol communications. **HTTPS: **Encrypted HTTP.\n * **HOW MANY: **51,519,309 discovered HTTP nodes. 36,141,137 discovered HTTPS nodes. We\u2019re going to be talking a bit differently about fingerprinting in this blog post, so raw, generic counts will have no context.\n * **VULNERABILITIES:** Hoo boy! Many! But, do you mean vulnerabilities in core web servers themselves? The add-ons folks build into them? The web applications they serve? As many users of Facebook might say, \u201cit\u2019s complicated.\u201d\n * **ADVICE: **Go back to Gopher! Seriously, though, please continue to build awesome things using HTTPS. Just build them in such a way that folks who install and operate web servers can easily configure them securely, see patch status, and upgrade quickly and confidently.\n * **ALTERNATIVES: **[QUIC](<https://tools.ietf.org/html/draft-tsvwg-quic-protocol-02>), or \u201cQuick UDP Internet Connection,\u201d which is a \u201cnew multiplexed and secure transport atop UDP, designed from the ground up and optimized for HTTP/2 semantics.\u201d While HTTP[S] will be with us for a Very Long Time, QUIC is its successor and will usher in whole new ways to deliver content securely and efficiently (and undoubtedly, exploit the same).\n\nWe\u2019re going to talk about both HTTP and HTTPS combined (for the most part) as we identify what we found, some core areas of exposure, and opportunities for attackers. It\u2019ll be a bit different than all the previous blogs, but that\u2019s just part of the quirky nature of HTTP in general.\n\n### Discovery details\n\nWay back in our Email blogs, we compared encrypted and unencrypted services. We\u2019ll do the same here, but will be presenting a \u201ctop 12\u201d for countries since that is the set combination between HTTP and HTTPS.\n\nThere are 30% more devices on the internet running plaintext HTTP versus encrypted HTTPS web services. The U.S. dwarfs all other countries in terms of discovered web service, very likely due to the presence of so many cloud services, hosting providers, and routers, switches, etc. in IPv4 space allocated to the U.S.\n\nGermany and Ireland each expose 9% more HTTPS nodes than HTTP, and both the Netherlands and U.K. are quickly closing their encryption disparity as well.\n\nWe\u2019ll skip cloud counts since, well, everyone knows cloud servers are full of web servers and we\u2019re not sure what good it will do letting you know that Amazon had ~640K Elastic Load Balancers (version 2.0!) running on the day our studies kicked off. \n\n\n\n## Exposure information\n\nTo understand exposure, we need to see what is running on these web servers. That\u2019s not as easy as you might think with just lightweight scans. For example, here are the top 20 HTTP servers by vendor/family and port:\n\nVendor | Family | HTTPS (80) | % of HTTP | | HTTPS (443) | % of HTTPS \n---|---|---|---|---|---|--- \nMicrosoft | IIS | 5,273,393 | 10.24% | | 2,096,655 | 5.80% \nApache | Apache | 4,873,517 | 9.46% | | 2,595,714 | 7.18% \nnginx | nginx | 3,938,031 | 7.64% | | 2,495,667 | 6.91% \nAmazon | Elastic Load Balancing | 644,862 | 1.25% | | 386,751 | 1.07% \nSquid Cache | Squid | 381,224 | 0.74% | | 8,649 | 0.02% \nACME Laboratories | mini_httpd | 125,708 | 0.24% | | 82,427 | 0.23% \nOracle | GoAhead Webserver | 48,505 | 0.09% | | 40,501 | 0.11% \nApache | Tomcat | 40,702 | 0.08% | | 32,271 | 0.09% \nTaobao | Tengine | 37,626 | 0.07% | | 14,130 | 0.04% \nEclipse | Jetty | 29,750 | 0.06% | | 50,763 | 0.14% \nMbedthis Software | Appweb | 23,463 | 0.05% | | 19,470 | 0.05% \nVirata | EmWeb | 22,354 | 0.04% | | 7,179 | 0.02% \nEmbedthis | Appweb | 17,235 | 0.03% | | 32,629 | 0.09% \nMicrosoft | Windows CE Web Server | 14,012 | 0.03% | | 1,027 | 0.00% \nTornadoWeb | Tornado | 13,637 | 0.03% | | 10,151 | 0.03% \nTridium | Niagara | 9,772 | 0.02% | | 564 | 0.00% \nTwistedMatrix | Twisted Web | 7,481 | 0.01% | | 4,984 | 0.01% \nCaucho | Resin | 5,168 | 0.01% | | 1,812 | 0.01% \nMort Bay | Jetty | 5,079 | 0.01% | | 2,033 | 0.01% \nSolarWinds | Serv-U | 3,232 | 0.01% | | 6,421 | 0.02% \n \nRemember, we\u2019re just counting what comes back on a `GET` request to those two ports on each active IP address, and the counts come from Recog signatures (which are great, but far from comprehensive). For some servers, we can get down to the discrete version level, which lets us build a [Common Platform Enumeration](<https://nvd.nist.gov/products/cpe>) identifier. That identifier lets us see how many CVEs a given instance type has associated with it. We used this capability to compare each version of each service family against the number of CVEs it has. While we do not have complete coverage across the above list, we do have some of the heavy(ier) hitters:\n\n\n\nWe limited the view to a service family having at least having 10 or more systems exposed and used color to encode the CVSS v2 scores. \n\nThe most prevalent CVE-enumerated vulnerabilities are listed in the table below. While it's technically possible that these CVEs have been mitigated through some other software control, patching them out entirely is really the best and easiest way to avoid uncomfortable conversations with your vulnerability manager.\n\nAnd, the top 30 most prevalent are:\n\nCVE | Number \n---|--- \nCVE-2017-8361 | 336 \nCVE-2013-2275 | 202 \nCVE-2012-1452 | 186 \nCVE-2016-1000107 | 184 \nCVE-2016-6440 | 184 \nCVE-2012-0038 | 168 \nCVE-2012-1835 | 165 \nCVE-2016-8827 | 165 \nCVE-2011-3868 | 164 \nCVE-2011-0607 | 160 \nCVE-2007-6740 | 154 \nCVE-2013-4564 | 150 \nCVE-2016-0948 | 149 \nCVE-2016-0956 | 149 \nCVE-2009-2047 | 146 \nCVE-2015-5670 | 145 \nCVE-2017-8577 | 143 \nCVE-2014-0134 | 135 \nCVE-2015-5355 | 135 \nCVE-2012-5932 | 127 \nCVE-2014-8089 | 120 \nCVE-2015-5685 | 118 \nCVE-2016-1000109 | 118 \nCVE-2015-5672 | 114 \nCVE-2016-5596 | 112 \nCVE-2016-5600 | 112 \nCVE-2016-4261 | 111 \nCVE-2016-4263 | 111 \nCVE-2016-4264 | 111 \nCVE-2016-4268 | 111 \n \nWhile we expect to see traditional web servers, there are other devices connected to the internet that expose web services or administrative interfaces (which we\u2019ve partially enumerated below):\n\nVendor | Device | HTTP (80) | HTTPS (443) \n---|---|---|--- \nCisco | Firewall | 123 | 986,766 \nAVM | WAP | 1,942 | 604,890 \nAsus | WAP | 1 | 177,936 \nSynology | NAS | 61,796 | 50,531 \nCheck Point | Firewall | 16,059 | 30,773 \nSonicWALL | VPN | 7,413 | 16,061 \nUbiquiti | WAP | 0 | 11,813 \nHP | Printer | 16,247 | 9,178 \nMikroTik | Router | 289,026 | 8,056 \nTivo | DVR | 6,400 | 6,779 \nPhilips | Light Bulb | 4,785 | 3,349 \nPolycom | VoIP | 369 | 3,079 \nUbiquiti | Web cam | 955 | 922 \nHP | Lights Out Management | 601 | 708 \nARRIS | Cable Modem | 350 | 217 \nFortinet | Firewall | 1,221 | 159 \nXerox | Printer | 1,575 | 29 \nCanon | Multifunction Device | 124 | 14 \nNetwave | Web cam | 6,420 | 7 \nHeiTel | DVR | 2,734 | 2 \nSamsung | DVR | 53,053 | 2 \nMerit LILIN | DVR | 2,565 | 1 \nFidelix | Industrial Control | 545 | 0 \nFUHO | DVR | 1,249 | 0 \nShenzhen Reecam Tech. Ltd. | Web cam | 1,902 | 0 \nUbiquiti | DVR | 675 | 0 \nYamaha | Router | 9,675 | 0 \n \nFor instance, we found nearly a million Cisco ASA firewalls. That fact is not necessarily \u201cbad,\u201d since they can be configured to provide remote access services (like VPN). Having 123 instances on port 80 is, however, not the best idea.\n\nUnlike Cisco, most MikroTik routers seem to be exposed sans encryption, and over 75% of them are exposing the device\u2019s admin interface. What could possibly go wrong?\n\nUpward of 50,000 Synology network-attached storage devices show up as well, and the File Sharing blog posts talked at length about the sorry state of exposure in these types of devices. They\u2019re on the internet to enable owners to play local media remotely and access other files remotely.\n\nThere are printers, and light bulbs; DVRs and home router admin interfaces; oh, and a [few thousand entire building control systems](<https://www.fidelix.com/building-automation/>).In short, you can find pretty much anything with a web interface hanging out on the internet.\n\n### Attacker\u2019s view\n\nThere are so many layers in modern HTTP[S] services that attackers likely are often paralyzed by not knowing which ones to go after first. Attacking HTTP services on embedded systems is generally one of the safest paths to take, since they\u2019re generally not monitored by the owner nor the network operator and can be used with almost guaranteed anonymity.\n\nFormal web services\u2014think Apache Struts, WebLogic, and the like\u2014are also desirable targets, since they\u2019re usually associated with enterprise deployments and, thus, have more potential for financial gain or access to confidential records. HTTP interfaces to firewalls and remote access systems (as we saw back in the Remote Access blog posts) have been a major focus for many attacker groups for the past 18\u201324 months since once compromised, they can drop an adversary right into the heart of the internal network where they can (usually) quickly establish a foothold and secondary access method.\n\n\n\nYou\u2019re also more likely to see (at least for now) more initial probes on HTTP (80), as noted by both the unique source IPv4 and total interaction views (above). It\u2019s hard to say \u201cwatch 80 closely, and especially 80\u2192443 moves by clients,\u201d since most services are still offered on both ports and good sites are configured to automatically redirect clients to HTTPS. Still, if you see clients focus more on 80, you may want to flag those for potential further investigation. And, definitely be more careful with your systems that only talk HTTP (80).\n\n## Our advice\n\n**IT and IT security teams** should build awesome platforms and services and put them on the internet over HTTPS! Innovation drives change and progress\u2014plus, the internet has likely done more good than harm since the first HTTP request was made. Do keep all this patched and ensure secure configuration and coding practices are part of the development and deployment lifecycles. Do not put administrative interfaces to anything on the internet if at all possible and ensure you know what services your network devices and \u201cInternet of Things\u201d devices are exposing. Finally, disable `Server:` banners on everything and examine other HTTP headers for what else they might leak and sanitize what you can. Attackers on the lookout for, say, nginx will often move on if they see Apache in the Server header. You\u2019d be surprised just how effective this one change can be.\n\n**Cloud providers **should continue to offer secure, scalable web technologies. At the same time, if pre-built disk images with common application stacks are offered, keep them patched and ensure you have the ability to inform users when things go out-of-date.\n\n**Government cybersecurity agencies** should keep reminding us not to put digital detritus with embedded web servers on the internet and monitor for campaigns that are targeting these invisible services. When there are major issues with core technologies such as Microsoft IIS, Apache HTTP, or nginx, processes should be in place to notify the public and work with ISPs, hosting, and cloud providers to try to contain any possible widespread damage. There should be active programs in place to ensure no critical telecommunications infrastructure has dangerous ports or services exposed, especially router administrative interfaces over HTTP/HTTPS.\n\n#### [Research] Read the full NICER report today\n\n[Get Started](<https://www.rapid7.com/info/nicer-2020/>)", "cvss3": {}, "published": "2021-01-29T14:20:22", "type": "rapid7blog", "title": "NICER Protocol Deep Dive: Internet Exposure of HTTP and HTTPS", "bulletinFamily": "info", "cvss2": {}, "cvelist": ["CVE-2007-6740", "CVE-2009-2047", "CVE-2011-0607", "CVE-2011-3868", "CVE-2012-0038", "CVE-2012-1452", "CVE-2012-1835", "CVE-2012-5932", "CVE-2013-2275", "CVE-2013-4564", "CVE-2014-0134", "CVE-2014-8089", "CVE-2015-5355", "CVE-2015-5670", "CVE-2015-5672", "CVE-2015-5685", "CVE-2016-0948", "CVE-2016-0956", "CVE-2016-1000107", "CVE-2016-1000109", "CVE-2016-4261", "CVE-2016-4263", "CVE-2016-4264", "CVE-2016-4268", "CVE-2016-5596", "CVE-2016-5600", "CVE-2016-6440", "CVE-2016-8827", "CVE-2017-8361", "CVE-2017-8577"], "modified": "2021-01-29T14:20:22", "id": "RAPID7BLOG:47F2249FC4903D395D79675E2BE38D91", "href": "https://blog.rapid7.com/2021/01/29/nicer-protocol-deep-dive-internet-exposure-of-http-and-https/", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}