A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:
* Critical Patch Updates, Security Alerts and Bulletins for information about Oracle Security Advisories.
**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**
This Critical Patch Update contains 284 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at January 2019 Critical Patch Update: Executive Summary and Analysis.
{"openvas": [{"lastseen": "2020-01-31T16:47:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-01-26T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:0084-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2520", "CVE-2019-2509", "CVE-2019-2451", "CVE-2019-2501", "CVE-2019-2525", "CVE-2019-2521", "CVE-2018-0734", "CVE-2019-2448", "CVE-2019-2553", "CVE-2019-2506", "CVE-2019-2511", "CVE-2019-2554", "CVE-2019-2527", "CVE-2019-2552", "CVE-2019-2504", "CVE-2019-2523", "CVE-2019-2500", "CVE-2019-2555", "CVE-2018-11763", "CVE-2019-2548", "CVE-2018-3309", "CVE-2019-2522", "CVE-2018-11784", "CVE-2019-2450", "CVE-2019-2524", "CVE-2019-2556", "CVE-2019-2526", "CVE-2019-2508", "CVE-2019-2446", "CVE-2019-2505"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852253", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852253", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852253\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-11763\", \"CVE-2018-11784\", \"CVE-2018-3309\",\n \"CVE-2019-2446\", \"CVE-2019-2448\", \"CVE-2019-2450\", \"CVE-2019-2451\",\n \"CVE-2019-2500\", \"CVE-2019-2501\", \"CVE-2019-2504\", \"CVE-2019-2505\",\n \"CVE-2019-2506\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2511\",\n \"CVE-2019-2520\", \"CVE-2019-2521\", \"CVE-2019-2522\", \"CVE-2019-2523\",\n \"CVE-2019-2524\", \"CVE-2019-2525\", \"CVE-2019-2526\", \"CVE-2019-2527\",\n \"CVE-2019-2548\", \"CVE-2019-2552\", \"CVE-2019-2553\", \"CVE-2019-2554\",\n \"CVE-2019-2555\", \"CVE-2019-2556\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-01-26 04:02:18 +0100 (Sat, 26 Jan 2019)\");\n script_name(\"openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:0084-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0084-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-01/msg00034.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'virtualbox'\n package(s) announced via the openSUSE-SU-2019:0084-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for virtualbox version 5.2.24 fixes the following issues:\n\n Update fixes multiple vulnerabilities:\n\n CVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309,\n CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2526,\n CVE-2019-2548 CVE-2018-11763, CVE-2019-2511, CVE-2019-2508, CVE-2019-2509,\n CVE-2019-2527 CVE-2019-2450, CVE-2019-2451, CVE-2019-2555, CVE-2019-2554,\n CVE-2019-2556 CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446,\n CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506,\n and CVE-2019-2553 (boo#1122212).\n\n Non-security issues fixed:\n\n - Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel,\n contributed by Robert Conde\n\n - USB: fixed a problem causing failures attaching SuperSpeed devices which\n report USB version 3.1 (rather than 3.0) on Windows hosts\n\n - Audio: added support for surround speaker setups used by Windows 10\n Build 1809\n\n - Linux hosts: fixed conflict between Debian and Oracle build desktop files\n\n - Linux guests: fixed building drivers on SLES 12.4\n\n - Linux guests: fixed building shared folder driver with older kernels\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-84=1\");\n\n script_tag(name:\"affected\", value:\"virtualbox on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-desktop-icons\", rpm:\"virtualbox-guest-desktop-icons~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-source\", rpm:\"virtualbox-guest-source~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-source\", rpm:\"virtualbox-host-source~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-virtualbox\", rpm:\"python-virtualbox~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python-virtualbox-debuginfo\", rpm:\"python-virtualbox-debuginfo~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-debuginfo\", rpm:\"virtualbox-debuginfo~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-debugsource\", rpm:\"virtualbox-debugsource~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-devel\", rpm:\"virtualbox-devel~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-default\", rpm:\"virtualbox-guest-kmp-default~5.2.24_k4.4.165_81~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-default-debuginfo\", rpm:\"virtualbox-guest-kmp-default-debuginfo~5.2.24_k4.4.165_81~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-tools-debuginfo\", rpm:\"virtualbox-guest-tools-debuginfo~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-x11\", rpm:\"virtualbox-guest-x11~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-x11-debuginfo\", rpm:\"virtualbox-guest-x11-debuginfo~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-default\", rpm:\"virtualbox-host-kmp-default~5.2.24_k4.4.165_81~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-default-debuginfo\", rpm:\"virtualbox-host-kmp-default-debuginfo~5.2.24_k4.4.165_81~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-qt\", rpm:\"virtualbox-qt~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-qt-debuginfo\", rpm:\"virtualbox-qt-debuginfo~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-vnc\", rpm:\"virtualbox-vnc~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-websrv\", rpm:\"virtualbox-websrv~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-websrv-debuginfo\", rpm:\"virtualbox-websrv-debuginfo~5.2.24~66.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:47:27", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-06-12T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:1547-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2520", "CVE-2019-2509", "CVE-2019-2451", "CVE-2019-2501", "CVE-2019-2525", "CVE-2019-2521", "CVE-2018-0734", "CVE-2019-2448", "CVE-2019-2553", "CVE-2019-2506", "CVE-2019-2511", "CVE-2019-2554", "CVE-2019-2527", "CVE-2019-2552", "CVE-2019-2504", "CVE-2019-2523", "CVE-2019-2500", "CVE-2019-2555", "CVE-2018-11763", "CVE-2019-2548", "CVE-2018-3309", "CVE-2019-2522", "CVE-2018-11784", "CVE-2019-2450", "CVE-2019-2524", "CVE-2019-2556", "CVE-2019-2526", "CVE-2019-2508", "CVE-2019-2446", "CVE-2019-2505"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852554", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852554", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852554\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-11763\", \"CVE-2018-11784\", \"CVE-2018-3309\", \"CVE-2019-2446\", \"CVE-2019-2448\", \"CVE-2019-2450\", \"CVE-2019-2451\", \"CVE-2019-2500\", \"CVE-2019-2501\", \"CVE-2019-2504\", \"CVE-2019-2505\", \"CVE-2019-2506\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2511\", \"CVE-2019-2520\", \"CVE-2019-2521\", \"CVE-2019-2522\", \"CVE-2019-2523\", \"CVE-2019-2524\", \"CVE-2019-2525\", \"CVE-2019-2526\", \"CVE-2019-2527\", \"CVE-2019-2548\", \"CVE-2019-2552\", \"CVE-2019-2553\", \"CVE-2019-2554\", \"CVE-2019-2555\", \"CVE-2019-2556\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-06-12 02:00:41 +0000 (Wed, 12 Jun 2019)\");\n script_name(\"openSUSE: Security Advisory for virtualbox (openSUSE-SU-2019:1547-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1547-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-06/msg00030.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'virtualbox'\n package(s) announced via the openSUSE-SU-2019:1547-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for virtualbox to version 5.2.24 fixes the following issues:\n\n Multiple security issues fixed:\n\n CVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309,\n CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2526,\n CVE-2019-2548 CVE-2018-11763, CVE-2019-2511, CVE-2019-2508, CVE-2019-2509,\n CVE-2019-2527 CVE-2019-2450, CVE-2019-2451, CVE-2019-2555, CVE-2019-2554,\n CVE-2019-2556 CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446,\n CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506,\n and CVE-2019-2553 (bsc#1122212).\n\n Other issues fixed:\n\n - Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel,\n contributed by Robert Conde\n\n - USB: fixed a problem causing failures attaching SuperSpeed devices which\n report USB version 3.1 (rather than 3.0) on Windows hosts\n\n - Audio: added support for surround speaker setups used by Windows 10\n Build 1809\n\n - Linux hosts: fixed conflict between Debian and Oracle build desktop files\n\n - Linux guests: fixed building drivers on SLES 12.4\n\n - Linux guests: fixed building shared folder driver with older kernels\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1547=1\");\n\n script_tag(name:\"affected\", value:\"'virtualbox' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-virtualbox\", rpm:\"python3-virtualbox~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"python3-virtualbox-debuginfo\", rpm:\"python3-virtualbox-debuginfo~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox\", rpm:\"virtualbox~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-debuginfo\", rpm:\"virtualbox-debuginfo~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-debugsource\", rpm:\"virtualbox-debugsource~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-devel\", rpm:\"virtualbox-devel~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-kmp-default\", rpm:\"virtualbox-guest-kmp-default~5.2.24_k4.12.14_lp150.12.61~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"<br>virtualbox-guest-kmp-default-debuginfo\", rpm:\"<br>virtualbox-guest-kmp-default-debuginfo~5.2.24_k4.12.14_lp150.12.61~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-tools\", rpm:\"virtualbox-guest-tools~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-tools-debuginfo\", rpm:\"virtualbox-guest-tools-debuginfo~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-x11\", rpm:\"virtualbox-guest-x11~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-x11-debuginfo\", rpm:\"virtualbox-guest-x11-debuginfo~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-kmp-default\", rpm:\"virtualbox-host-kmp-default~5.2.24_k4.12.14_lp150.12.61~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"<br>virtualbox-host-kmp-default-debuginfo\", rpm:\"<br>virtualbox-host-kmp-default-debuginfo~5.2.24_k4.12.14_lp150.12.61~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-qt\", rpm:\"virtualbox-qt~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-qt-debuginfo\", rpm:\"virtualbox-qt-debuginfo~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-vnc\", rpm:\"virtualbox-vnc~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-websrv\", rpm:\"virtualbox-websrv~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-websrv-debuginfo\", rpm:\"virtualbox-websrv-debuginfo~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-desktop-icons\", rpm:\"virtualbox-guest-desktop-icons~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-guest-source\", rpm:\"virtualbox-guest-source~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"virtualbox-host-source\", rpm:\"virtualbox-host-source~5.2.24~lp150.4.33.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-07-17T14:04:01", "description": "The host is installed with Oracle VM\n VirtualBox and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle VirtualBox Security Updates (jan2019-5072801) 06 - MAC OS X", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2520", "CVE-2019-2509", "CVE-2019-2451", "CVE-2019-2501", "CVE-2019-2525", "CVE-2019-2521", "CVE-2019-2448", "CVE-2019-2553", "CVE-2019-2506", "CVE-2019-2511", "CVE-2019-2554", "CVE-2019-2527", "CVE-2019-2552", "CVE-2019-2504", "CVE-2019-2523", "CVE-2019-2500", "CVE-2019-2555", "CVE-2019-2548", "CVE-2019-2522", "CVE-2019-2450", "CVE-2019-2524", "CVE-2019-2556", "CVE-2019-2526", "CVE-2019-2508", "CVE-2019-2446", "CVE-2019-2505"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814657", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814657", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle VirtualBox Security Updates (jan2019-5072801) 06 - MAC OS X\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814657\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2019-2448\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2548\",\n \"CVE-2019-2505\", \"CVE-2019-2506\", \"CVE-2019-2500\", \"CVE-2019-2555\",\n \"CVE-2019-2446\", \"CVE-2019-2526\", \"CVE-2019-2527\", \"CVE-2019-2524\",\n \"CVE-2019-2525\", \"CVE-2019-2522\", \"CVE-2019-2523\", \"CVE-2019-2520\",\n \"CVE-2019-2521\", \"CVE-2019-2504\", \"CVE-2019-2556\", \"CVE-2019-2554\",\n \"CVE-2019-2553\", \"CVE-2019-2552\", \"CVE-2019-2450\", \"CVE-2019-2451\",\n \"CVE-2019-2501\", \"CVE-2019-2511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 15:28:28 +0530 (Wed, 16 Jan 2019)\");\n script_name(\"Oracle VirtualBox Security Updates (jan2019-5072801) 06 - MAC OS X\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle VM\n VirtualBox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to multiple\n unspecified error in Core component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to affect confidentiality, availability and integrity via\n unknown vectors.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions Prior to 5.2.24\n and 6.x prior to 6.0.2 on MAC OS X.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox 5.2.24 or\n 6.0.2 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_oracle_virtualbox_detect_macosx.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/MacOSX/Version\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvirtualVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:virtualVer, test_version:\"5.2.22\")){\n fix = \"5.2.22\";\n}\n\nelse if(virtualVer =~ \"^6\\.0\")\n{\n if(version_is_less(version:virtualVer, test_version:\"6.0.2\")){\n fix = \"6.0.2\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver( installed_version:virtualVer, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-07-17T14:04:01", "description": "The host is installed with Oracle VM\n VirtualBox and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle VirtualBox Security Updates (jan2019-5072801) 05 - Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2520", "CVE-2019-2509", "CVE-2019-2451", "CVE-2019-2501", "CVE-2019-2525", "CVE-2019-2521", "CVE-2019-2448", "CVE-2019-2553", "CVE-2019-2506", "CVE-2019-2511", "CVE-2019-2554", "CVE-2019-2527", "CVE-2019-2552", "CVE-2019-2504", "CVE-2019-2523", "CVE-2019-2500", "CVE-2019-2555", "CVE-2019-2548", "CVE-2019-2522", "CVE-2019-2450", "CVE-2019-2524", "CVE-2019-2556", "CVE-2019-2526", "CVE-2019-2508", "CVE-2019-2446", "CVE-2019-2505"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814656", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814656", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle VirtualBox Security Updates (jan2019-5072801) 05 - Linux\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814656\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2019-2448\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2548\",\n \"CVE-2019-2505\", \"CVE-2019-2506\", \"CVE-2019-2500\", \"CVE-2019-2555\",\n \"CVE-2019-2446\", \"CVE-2019-2526\", \"CVE-2019-2527\", \"CVE-2019-2524\",\n \"CVE-2019-2525\", \"CVE-2019-2522\", \"CVE-2019-2523\", \"CVE-2019-2520\",\n \"CVE-2019-2521\", \"CVE-2019-2504\", \"CVE-2019-2556\", \"CVE-2019-2554\",\n \"CVE-2019-2553\", \"CVE-2019-2552\", \"CVE-2019-2450\", \"CVE-2019-2451\",\n \"CVE-2019-2501\", \"CVE-2019-2511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 15:28:24 +0530 (Wed, 16 Jan 2019)\");\n script_name(\"Oracle VirtualBox Security Updates (jan2019-5072801) 05 - Linux\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle VM\n VirtualBox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to multiple\n unspecified error in Core component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to affect confidentiality, availability and integrity via\n unknown vectors.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions Prior to 5.2.24\n and 6.x prior to 6.0.2 on Linux.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox 5.2.24 or\n 6.0.2 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_lin.nasl\");\n script_mandatory_keys(\"Sun/VirtualBox/Lin/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvirtualVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:virtualVer, test_version:\"5.2.22\")){\n fix = \"5.2.22\";\n}\n\nelse if(virtualVer =~ \"^6\\.0\")\n{\n if(version_is_less(version:virtualVer, test_version:\"6.0.2\")){\n fix = \"6.0.2\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver( installed_version:virtualVer, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-07-17T14:04:00", "description": "The host is installed with Oracle VM\n VirtualBox and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle VirtualBox Security Updates (jan2019-5072801) 04 - Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2520", "CVE-2019-2509", "CVE-2019-2451", "CVE-2019-2501", "CVE-2019-2525", "CVE-2019-2521", "CVE-2019-2448", "CVE-2019-2553", "CVE-2019-2506", "CVE-2019-2511", "CVE-2019-2554", "CVE-2019-2527", "CVE-2019-2552", "CVE-2019-2504", "CVE-2019-2523", "CVE-2019-2500", "CVE-2019-2555", "CVE-2019-2548", "CVE-2019-2522", "CVE-2019-2450", "CVE-2019-2524", "CVE-2019-2556", "CVE-2019-2526", "CVE-2019-2508", "CVE-2019-2446", "CVE-2019-2505"], "modified": "2019-07-05T00:00:00", "id": "OPENVAS:1361412562310814655", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310814655", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle VirtualBox Security Updates (jan2019-5072801) 04 - Windows\n#\n# Authors:\n# Rinu Kuriakose <krinu@secpod.com>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:oracle:vm_virtualbox\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.814655\");\n script_version(\"2019-07-05T09:12:25+0000\");\n script_cve_id(\"CVE-2019-2448\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2548\",\n \"CVE-2019-2505\", \"CVE-2019-2506\", \"CVE-2019-2500\", \"CVE-2019-2555\",\n \"CVE-2019-2446\", \"CVE-2019-2526\", \"CVE-2019-2527\", \"CVE-2019-2524\",\n \"CVE-2019-2525\", \"CVE-2019-2522\", \"CVE-2019-2523\", \"CVE-2019-2520\",\n \"CVE-2019-2521\", \"CVE-2019-2504\", \"CVE-2019-2556\", \"CVE-2019-2554\",\n \"CVE-2019-2553\", \"CVE-2019-2552\", \"CVE-2019-2450\", \"CVE-2019-2451\",\n \"CVE-2019-2501\", \"CVE-2019-2511\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 09:12:25 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 15:28:21 +0530 (Wed, 16 Jan 2019)\");\n script_name(\"Oracle VirtualBox Security Updates (jan2019-5072801) 04 - Windows\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Oracle VM\n VirtualBox and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present\n on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to multiple\n unspecified error in Core component.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will allow remote\n attackers to affect confidentiality, availability and integrity via\n unknown vectors.\");\n\n script_tag(name:\"affected\", value:\"VirtualBox versions Prior to 5.2.24\n and 6.x prior to 6.0.2 on Windows.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Oracle VirtualBox 5.2.24 or\n 6.0.2 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_xref(name:\"URL\", value:\"http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_sun_virtualbox_detect_win.nasl\");\n script_mandatory_keys(\"Oracle/VirtualBox/Win/Ver\");\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!infos = get_app_version_and_location(cpe:CPE, exit_no_version:TRUE)) exit(0);\nvirtualVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:virtualVer, test_version:\"5.2.22\")){\n fix = \"5.2.22\";\n}\n\nelse if(virtualVer =~ \"^6\\.0\")\n{\n if(version_is_less(version:virtualVer, test_version:\"6.0.2\")){\n fix = \"6.0.2\";\n }\n}\n\nif(fix)\n{\n report = report_fixed_ver( installed_version:virtualVer, fixed_version:fix, install_path:path);\n security_message(data:report);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-05-29T18:32:22", "description": "The remote host is missing an update for\n the ", "cvss3": {}, "published": "2019-01-24T00:00:00", "type": "openvas", "title": "Ubuntu Update for mysql-5.7 USN-3867-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2529", "CVE-2019-2532", "CVE-2019-2531", "CVE-2019-2528", "CVE-2019-2434", "CVE-2019-2486", "CVE-2019-2482", "CVE-2019-2420", "CVE-2019-2537", "CVE-2019-2534", "CVE-2019-2510", "CVE-2019-2507", "CVE-2019-2503", "CVE-2019-2481", "CVE-2019-2455"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310843880", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843880", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3867_1.nasl 14288 2019-03-18 16:34:17Z cfischer $\n#\n# Ubuntu Update for mysql-5.7 USN-3867-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH, http://www.greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843880\");\n script_version(\"$Revision: 14288 $\");\n script_cve_id(\"CVE-2019-2420\", \"CVE-2019-2434\", \"CVE-2019-2455\", \"CVE-2019-2481\",\n \"CVE-2019-2482\", \"CVE-2019-2486\", \"CVE-2019-2503\", \"CVE-2019-2507\",\n \"CVE-2019-2510\", \"CVE-2019-2528\", \"CVE-2019-2529\", \"CVE-2019-2531\",\n \"CVE-2019-2532\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 17:34:17 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-24 04:01:35 +0100 (Thu, 24 Jan 2019)\");\n script_name(\"Ubuntu Update for mysql-5.7 USN-3867-1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(18\\.04 LTS|18\\.10|16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"3867-1\");\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-3867-1/\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'mysql-5.7' package(s) announced via the USN-3867-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version\n is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered\n in MySQL and this update includes a new upstream MySQL version to fix these\n issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to\nMySQL 5.7.25.\n\nIn addition to security fixes, the updated packages contain bug fixes, new\nfeatures, and possibly incompatible changes.\");\n\n script_tag(name:\"affected\", value:\"mysql-5.7 on Ubuntu 18.10,\n Ubuntu 18.04 LTS,\n Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU18.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.7\", ver:\"5.7.25-0ubuntu0.18.04.2\", rls:\"UBUNTU18.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU18.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.7\", ver:\"5.7.25-0ubuntu0.18.10.2\", rls:\"UBUNTU18.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"mysql-server-5.7\", ver:\"5.7.25-0ubuntu0.16.04.2\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-08-27T12:52:34", "description": "Oracle MySQL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle MySQL 8.0.x < 8.0.13 Security Update (2019-5072801) Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2494", "CVE-2019-2530", "CVE-2019-2513", "CVE-2019-2536", "CVE-2019-2539", "CVE-2019-2436", "CVE-2019-2502", "CVE-2019-2535", "CVE-2019-2533", "CVE-2019-2495"], "modified": "2019-08-26T00:00:00", "id": "OPENVAS:1361412562310112493", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112493", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Oracle MySQL 8.0.x < 8.0.13 Security Update (2019-5072801) Windows\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112493\");\n script_version(\"2019-08-26T11:25:15+0000\");\n script_tag(name:\"last_modification\", value:\"2019-08-26 11:25:15 +0000 (Mon, 26 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 13:12:11 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-2533\", \"CVE-2019-2436\", \"CVE-2019-2536\", \"CVE-2019-2502\", \"CVE-2019-2539\",\n \"CVE-2019-2494\", \"CVE-2019-2495\", \"CVE-2019-2530\", \"CVE-2019-2535\", \"CVE-2019-2513\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Oracle MySQL 8.0.x < 8.0.13 Security Update (2019-5072801) Windows\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Oracle MySQL is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"insight\", value:\"The attacks range in variety and difficulty. Most of them allow an attacker\n with network access via multiple protocols to compromise the MySQL Server.\n\n For further information refer to the official advisory via the referenced link.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability can result in unauthorized\n access to critical data or complete access to all MySQL Server accessible data and unauthorized ability\n to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"affected\", value:\"MySQL 8.0.13 and prior on Windows.\");\n\n script_tag(name:\"solution\", value:\"Updates are available. Apply the necessary patch from the referenced link.\");\n\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:oracle:mysql\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version: vers, test_version: \"8.0\", test_version2: \"8.0.13\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:32", "description": "Oracle MySQL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle MySQL 8.0.x < 8.0.13 Security Update (2019-5072801) Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2494", "CVE-2019-2530", "CVE-2019-2513", "CVE-2019-2536", "CVE-2019-2539", "CVE-2019-2436", "CVE-2019-2502", "CVE-2019-2535", "CVE-2019-2533", "CVE-2019-2495"], "modified": "2019-01-23T00:00:00", "id": "OPENVAS:1361412562310112492", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112492", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_mysql_jan2019-5072801_03_lin.nasl 13237 2019-01-23 10:24:40Z asteins $\n#\n# Oracle MySQL 8.0.x < 8.0.13 Security Update (2019-5072801) Linux\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112492\");\n script_version(\"$Revision: 13237 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-01-23 11:24:40 +0100 (Wed, 23 Jan 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 13:12:11 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:P/A:P\");\n\n script_cve_id(\"CVE-2019-2533\", \"CVE-2019-2436\", \"CVE-2019-2536\", \"CVE-2019-2502\", \"CVE-2019-2539\",\n \"CVE-2019-2494\", \"CVE-2019-2495\", \"CVE-2019-2530\", \"CVE-2019-2535\", \"CVE-2019-2513\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Oracle MySQL 8.0.x < 8.0.13 Security Update (2019-5072801) Linux\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Oracle MySQL is prone to multiple vulnerabilities.\");\n script_tag(name:\"insight\", value:\"The attacks range in variety and difficulty. Most of them allow an attacker\n with network access via multiple protocols to compromise the MySQL Server.\n\n For further information refer to the official advisory via the referenced link.\");\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability can result in unauthorized\n access to critical data or complete access to all MySQL Server accessible data and unauthorized ability\n to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"MySQL 8.0.13 and prior on Linux.\");\n script_tag(name:\"solution\", value:\"Updates are available. Apply the necessary patch from the referenced link.\");\n\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:oracle:mysql\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version: vers, test_version: \"8.0\", test_version2: \"8.0.13\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:32", "description": "Oracle MySQL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2529", "CVE-2018-0734", "CVE-2019-2531", "CVE-2019-2482", "CVE-2019-2537", "CVE-2019-2534", "CVE-2019-2507", "CVE-2019-2503", "CVE-2019-2481", "CVE-2019-2455"], "modified": "2019-02-01T00:00:00", "id": "OPENVAS:1361412562310112488", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112488", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_mysql_jan2019-5072801_01_lin.nasl 13394 2019-02-01 07:36:10Z mmartin $\n#\n# Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112488\");\n script_version(\"$Revision: 13394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-01 08:36:10 +0100 (Fri, 01 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 13:12:11 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n\n script_cve_id(\"CVE-2019-2534\", \"CVE-2019-2529\", \"CVE-2019-2482\", \"CVE-2019-2455\", \"CVE-2019-2503\",\n \"CVE-2018-0734\", \"CVE-2019-2537\", \"CVE-2019-2481\", \"CVE-2019-2507\", \"CVE-2019-2531\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Oracle MySQL is prone to multiple vulnerabilities.\");\n script_tag(name:\"insight\", value:\"The attacks range in variety and difficulty. Most of them allow an attacker\n with network access via multiple protocols to compromise the MySQL Server.\n\n For further information refer to the official advisory via the referenced link.\");\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability can result in unauthorized\n access to critical data or complete access to all MySQL Server accessible data and unauthorized ability\n to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"MySQL 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior on Linux.\");\n script_tag(name:\"solution\", value:\"Updates are available. Apply the necessary patch from the referenced link.\");\n\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:oracle:mysql\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version: vers, test_version: \"5.6\", test_version2: \"5.6.42\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version_in_range(version: vers, test_version: \"5.7\", test_version2: \"5.7.24\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version_in_range(version: vers, test_version: \"8.0\", test_version2: \"8.0.13\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:32", "description": "Oracle MySQL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2529", "CVE-2018-0734", "CVE-2019-2531", "CVE-2019-2482", "CVE-2019-2537", "CVE-2019-2534", "CVE-2019-2507", "CVE-2019-2503", "CVE-2019-2481", "CVE-2019-2455"], "modified": "2019-02-01T00:00:00", "id": "OPENVAS:1361412562310112489", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112489", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_mysql_jan2019-5072801_01_win.nasl 13394 2019-02-01 07:36:10Z mmartin $\n#\n# Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Windows\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112489\");\n script_version(\"$Revision: 13394 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-02-01 08:36:10 +0100 (Fri, 01 Feb 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 13:12:11 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n\n script_cve_id(\"CVE-2019-2534\", \"CVE-2019-2529\", \"CVE-2019-2482\", \"CVE-2019-2455\", \"CVE-2019-2503\",\n \"CVE-2018-0734\", \"CVE-2019-2537\", \"CVE-2019-2481\", \"CVE-2019-2507\", \"CVE-2019-2531\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Oracle MySQL 5.6.x < 5.6.42, 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Windows\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Oracle MySQL is prone to multiple vulnerabilities.\");\n script_tag(name:\"insight\", value:\"The attacks range in variety and difficulty. Most of them allow an attacker\n with network access via multiple protocols to compromise the MySQL Server.\n\n For further information refer to the official advisory via the referenced link.\");\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability can result in unauthorized\n access to critical data or complete access to all MySQL Server accessible data and unauthorized ability\n to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"MySQL 5.6.42 and prior, 5.7.24 and prior, 8.0.13 and prior on Windows.\");\n script_tag(name:\"solution\", value:\"Updates are available. Apply the necessary patch from the referenced link.\");\n\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:oracle:mysql\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version: vers, test_version: \"5.6\", test_version2: \"5.6.42\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version_in_range(version: vers, test_version: \"5.7\", test_version2: \"5.7.24\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version_in_range(version: vers, test_version: \"8.0\", test_version2: \"8.0.13\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2020-01-31T16:52:58", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-02-06T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2019:0138-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2529", "CVE-2018-0734", "CVE-2019-2531", "CVE-2019-2482", "CVE-2019-2537", "CVE-2019-2534", "CVE-2019-2507", "CVE-2019-2503", "CVE-2019-2481", "CVE-2019-2455"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852272", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852272", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852272\");\n script_version(\"2020-01-31T08:23:39+0000\");\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2529\", \"CVE-2019-2531\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n script_tag(name:\"cvss_base\", value:\"5.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:23:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-02-06 04:05:05 +0100 (Wed, 06 Feb 2019)\");\n script_name(\"openSUSE: Security Advisory for mysql-community-server (openSUSE-SU-2019:0138-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:0138-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-02/msg00005.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mysql-community-server'\n package(s) announced via the openSUSE-SU-2019:0138-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for mysql-community-server to version 5.6.43 fixes the\n following issues:\n\n Security issues fixed:\n\n - CVE-2019-2534, CVE-2019-2529, CVE-2019-2482, CVE-2019-2455,\n CVE-2019-2503, CVE-2019-2537, CVE-2019-2481, CVE-2019-2507,\n CVE-2019-2531, CVE-2018-0734 (boo#1113652, boo#1122198)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-138=1\");\n\n script_tag(name:\"affected\", value:\"mysql-community-server on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n if(!isnull(res = isrpmvuln(pkg:\"libmysql56client18\", rpm:\"libmysql56client18~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysql56client18-debuginfo\", rpm:\"libmysql56client18-debuginfo~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysql56client_r18\", rpm:\"libmysql56client_r18~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server\", rpm:\"mysql-community-server~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-bench\", rpm:\"mysql-community-server-bench~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-bench-debuginfo\", rpm:\"mysql-community-server-bench-debuginfo~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-client\", rpm:\"mysql-community-server-client~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-client-debuginfo\", rpm:\"mysql-community-server-client-debuginfo~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-debuginfo\", rpm:\"mysql-community-server-debuginfo~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-debugsource\", rpm:\"mysql-community-server-debugsource~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-test\", rpm:\"mysql-community-server-test~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-test-debuginfo\", rpm:\"mysql-community-server-test-debuginfo~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-tools\", rpm:\"mysql-community-server-tools~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-tools-debuginfo\", rpm:\"mysql-community-server-tools-debuginfo~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysql56client18-32bit\", rpm:\"libmysql56client18-32bit~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysql56client18-debuginfo-32bit\", rpm:\"libmysql56client18-debuginfo-32bit~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libmysql56client_r18-32bit\", rpm:\"libmysql56client_r18-32bit~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"mysql-community-server-errormessages\", rpm:\"mysql-community-server-errormessages~5.6.43~45.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2019-05-29T18:32:32", "description": "Oracle MySQL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle MySQL 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2532", "CVE-2019-2528", "CVE-2019-2434", "CVE-2019-2486", "CVE-2019-2420", "CVE-2019-2510"], "modified": "2019-01-23T00:00:00", "id": "OPENVAS:1361412562310112490", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112490", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_mysql_jan2019-5072801_02_lin.nasl 13237 2019-01-23 10:24:40Z asteins $\n#\n# Oracle MySQL 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112490\");\n script_version(\"$Revision: 13237 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-01-23 11:24:40 +0100 (Wed, 23 Jan 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 13:12:11 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2019-2434\", \"CVE-2019-2510\", \"CVE-2019-2420\",\n \"CVE-2019-2528\", \"CVE-2019-2486\", \"CVE-2019-2532\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Oracle MySQL 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Linux\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_unixoide\");\n\n script_tag(name:\"summary\", value:\"Oracle MySQL is prone to multiple vulnerabilities.\");\n script_tag(name:\"insight\", value:\"The attacks range in variety and difficulty. Most of them allow an attacker\n with network access via multiple protocols to compromise the MySQL Server.\n\n For further information refer to the official advisory via the referenced link.\");\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability can result in unauthorized\n access to critical data or complete access to all MySQL Server accessible data and unauthorized ability\n to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"MySQL 5.7.24 and prior, 8.0.13 and prior on Linux.\");\n script_tag(name:\"solution\", value:\"Updates are available. Apply the necessary patch from the referenced link.\");\n\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:oracle:mysql\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version: vers, test_version: \"5.7\", test_version2: \"5.7.24\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version_in_range(version: vers, test_version: \"8.0\", test_version2: \"8.0.13\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:32", "description": "Oracle MySQL is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-16T00:00:00", "type": "openvas", "title": "Oracle MySQL 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Windows", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-2532", "CVE-2019-2528", "CVE-2019-2434", "CVE-2019-2486", "CVE-2019-2420", "CVE-2019-2510"], "modified": "2019-01-23T00:00:00", "id": "OPENVAS:1361412562310112491", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310112491", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_oracle_mysql_jan2019-5072801_02_win.nasl 13237 2019-01-23 10:24:40Z asteins $\n#\n# Oracle MySQL 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Windows\n#\n# Authors:\n# Adrian Steins <adrian.steins@greenbone.net>\n#\n# Copyright:\n# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.112491\");\n script_version(\"$Revision: 13237 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-01-23 11:24:40 +0100 (Wed, 23 Jan 2019) $\");\n script_tag(name:\"creation_date\", value:\"2019-01-16 13:12:11 +0100 (Wed, 16 Jan 2019)\");\n script_tag(name:\"cvss_base\", value:\"4.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:S/C:N/I:N/A:P\");\n\n script_cve_id(\"CVE-2019-2434\", \"CVE-2019-2510\", \"CVE-2019-2420\",\n \"CVE-2019-2528\", \"CVE-2019-2486\", \"CVE-2019-2532\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Oracle MySQL 5.7.x < 5.7.24, 8.0.x < 8.0.13 Security Update (2019-5072801) Windows\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"This script is Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Databases\");\n script_dependencies(\"mysql_version.nasl\", \"os_detection.nasl\");\n script_mandatory_keys(\"MySQL/installed\", \"Host/runs_windows\");\n\n script_tag(name:\"summary\", value:\"Oracle MySQL is prone to multiple vulnerabilities.\");\n script_tag(name:\"insight\", value:\"The attacks range in variety and difficulty. Most of them allow an attacker\n with network access via multiple protocols to compromise the MySQL Server.\n\n For further information refer to the official advisory via the referenced link.\");\n script_tag(name:\"impact\", value:\"Successful exploitation of this vulnerability can result in unauthorized\n access to critical data or complete access to all MySQL Server accessible data and unauthorized ability\n to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"MySQL 5.7.24 and prior, 8.0.13 and prior on Windows.\");\n script_tag(name:\"solution\", value:\"Updates are available. Apply the necessary patch from the referenced link.\");\n\n script_xref(name:\"URL\", value:\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:oracle:mysql\";\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif(!port = get_app_port(cpe: CPE))\n exit(0);\n\nif(!infos = get_app_version_and_location(cpe: CPE, port: port, exit_no_version: TRUE))\n exit(0);\n\nvers = infos['version'];\npath = infos['location'];\n\nif(version_in_range(version: vers, test_version: \"5.7\", test_version2: \"5.7.24\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nif(version_in_range(version: vers, test_version: \"8.0\", test_version2: \"8.0.13\")) {\n report = report_fixed_ver(installed_version: vers, fixed_version: \"Apply the patch\", install_path: path);\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2019-07-04T18:56:07", "description": "Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.", "cvss3": {}, "published": "2018-11-30T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4348-1 (openssl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0735", "CVE-2018-0737"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704348", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704348", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4348-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704348\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_name(\"Debian Security Advisory DSA 4348-1 (openssl - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-11-30 00:00:00 +0100 (Fri, 30 Nov 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4348.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"openssl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 1.1.0j-1~deb9u1. Going forward, openssl security updates for\nstretch will be based on the 1.1.0x upstream releases.\n\nWe recommend that you upgrade your openssl packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/openssl\");\n script_tag(name:\"summary\", value:\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libssl-dev\", ver:\"1.1.0j-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.1\", ver:\"1.1.0j-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"openssl\", ver:\"1.1.0j-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-29T19:25:01", "description": "Several deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.", "cvss3": {}, "published": "2019-03-04T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for jackson-databind (DLA-1703-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2018-19361", "CVE-2018-14719", "CVE-2018-11307", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891703", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891703", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891703\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\",\n \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n script_name(\"Debian LTS: Security Advisory for jackson-databind (DLA-1703-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-03-04 00:00:00 +0100 (Mon, 04 Mar 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_tag(name:\"affected\", value:\"jackson-databind on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"summary\", value:\"Several deserialization flaws were discovered in jackson-databind, a fast\nand powerful JSON library for Java, which could allow an unauthenticated\nuser to perform code execution. The issue was resolved by extending\nthe blacklist and blocking more classes from polymorphic deserialization.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.4.2-2+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.4.2-2+deb8u5\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:32:25", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-05-26T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4452-1 (jackson-databind - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19362", "CVE-2019-12086", "CVE-2018-19361", "CVE-2018-14719", "CVE-2018-11307", "CVE-2018-14720", "CVE-2018-14718", "CVE-2018-12022", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-12023"], "modified": "2019-05-26T00:00:00", "id": "OPENVAS:1361412562310704452", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704452", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704452\");\n script_version(\"2019-05-26T02:00:15+0000\");\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2019-12086\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-26 02:00:15 +0000 (Sun, 26 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-26 02:00:15 +0000 (Sun, 26 May 2019)\");\n script_name(\"Debian Security Advisory DSA 4452-1 (jackson-databind - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4452.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4452-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jackson-databind'\n package(s) announced via the DSA-4452-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues were found in jackson-databind, a Java library\nto parse JSON and other data formats which could result in information\ndisclosure or the execution of arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'jackson-databind' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 2.8.6-1+deb9u5.\n\nWe recommend that you upgrade your jackson-databind packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java\", ver:\"2.8.6-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libjackson2-databind-java-doc\", ver:\"2.8.6-1+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:33:01", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1203)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2016-9586", "CVE-2018-1000301"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181203", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181203", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1203\");\n script_version(\"2020-01-23T11:17:20+0000\");\n script_cve_id(\"CVE-2016-9586\", \"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\", \"CVE-2018-1000301\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:17:20 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:17:20 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1203)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1203\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1203\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'curl' package(s) announced via the EulerOS-SA-2018-1203 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior.(CVE-2018-1000120)\n\nA NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply.(CVE-2018-1000121)\n\nA buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage(CVE-2018-1000122)\n\ncurl version curl 7.20.0 to and including curl 7.59.0 contains a Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded rtsp content.(CVE-2018-1000301)\n\ncurl version curl 7.20.0 to and including curl 7.59.0 contains a Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded rtsp content.(CVE-2016-9586)\");\n\n script_tag(name:\"affected\", value:\"'curl' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~35.h20\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcurl\", rpm:\"libcurl~7.29.0~35.h20\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcurl-devel\", rpm:\"libcurl-devel~7.29.0~35.h20\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:56:36", "description": "Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.", "cvss3": {}, "published": "2018-12-19T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4355-1 (openssl1.0 - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0737"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704355", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704355", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4355-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704355\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_name(\"Debian Security Advisory DSA 4355-1 (openssl1.0 - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-12-19 00:00:00 +0100 (Wed, 19 Dec 2018)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4355.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB9\");\n script_tag(name:\"affected\", value:\"openssl1.0 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (stretch), these problems have been fixed in\nversion 1.0.2q-1~deb9u1. Going forward, openssl1.0 security updates for\nstretch will be based on the 1.0.2x upstream releases.\n\nWe recommend that you upgrade your openssl1.0 packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/openssl1.0\");\n script_tag(name:\"summary\", value:\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libcrypto1.0.2-udeb\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0-dev\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.2\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libssl1.0.2-udeb\", ver:\"1.0.2q-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:04", "description": "This host is running Nessus and is prone to\n multiple vulnerabilities.", "cvss3": {}, "published": "2019-01-09T00:00:00", "type": "openvas", "title": "Tenable Nessus < 7.1.4 Multiple Vulnerabilities(tns-2018-17)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-5407", "CVE-2018-0737"], "modified": "2019-05-03T00:00:00", "id": "OPENVAS:1361412562310107444", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310107444", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:tenable:nessus\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.107444\");\n script_version(\"2019-05-03T08:55:39+0000\");\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-03 08:55:39 +0000 (Fri, 03 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-01-09 12:29:11 +0100 (Wed, 09 Jan 2019)\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n script_name(\"Tenable Nessus < 7.1.4 Multiple Vulnerabilities(tns-2018-17)\");\n\n script_tag(name:\"summary\", value:\"This host is running Nessus and is prone to\n multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tenable Nessus is affected by multiple vulnerabilities:\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's key handling during a TLS handshake that causes a denial of service vulnerability due to key handling during a TLS handshake. (CVE-2018-0732)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack.\nAn attacker could leverage this vulnerability to recover the private key. (CVE-2018-0734)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's RSA Key generation algorithm that allows a cache timing side channel attack to recover the private key. (CVE-2018-0737)\n\n - Tenable Nessus contains a flaw in the bundled third-party component OpenSSL library's Simultaneous Multithreading (SMT) architectures which render it vulnerable to side-channel leakage. This issue is known as 'PortSmash'. An attacker could possibly use this issue to perform a timing side-channel attack and recover private keys. (CVE-2018-5407)\");\n\n script_tag(name:\"impact\", value:\"An attacker could leverage this vulnerability to recover the private key and could possibly use this issue to perform a timing side-channel attack and recover private keys.\");\n\n script_tag(name:\"affected\", value:\"Nessus versions prior to version 7.1.4.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to nessus version 7.1.4 or later. Please see the references for more information.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com\");\n script_xref(name:\"URL\", value:\"https://www.tenable.com/security/tns-2018-17\");\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_category(ACT_GATHER_INFO);\n script_family(\"Web application abuses\");\n script_dependencies(\"gb_nessus_web_server_detect.nasl\");\n script_mandatory_keys(\"nessus/installed\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif(!nesPort = get_app_port(cpe:CPE)){\n exit(0);\n}\n\nif(!infos = get_app_version_and_location(cpe:CPE, port:nesPort, exit_no_version:TRUE)) exit(0);\n\nnesVer = infos['version'];\npath = infos['location'];\n\nif(version_is_less(version:nesVer, test_version:\"7.1.4\"))\n{\n report = report_fixed_ver(installed_version:nesVer, fixed_version:\"7.1.4\", install_path:path);\n security_message(data:report, port:nesPort);\n exit(0);\n}\nexit(99);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:37:06", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1110)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181110", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181110", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1110\");\n script_version(\"2020-01-23T11:12:53+0000\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:12:53 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:12:53 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1110)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1110\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1110\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'curl' package(s) announced via the EulerOS-SA-2018-1110 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior.(CVE-2018-1000120)\n\nA NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply.(CVE-2018-1000121)\n\nA buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage(CVE-2018-1000122)\");\n\n script_tag(name:\"affected\", value:\"'curl' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~35.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcurl\", rpm:\"libcurl~7.29.0~35.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcurl-devel\", rpm:\"libcurl-devel~7.29.0~35.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:37:17", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1109)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181109", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181109", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1109\");\n script_version(\"2020-01-23T11:12:50+0000\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:12:50 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:12:50 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for curl (EulerOS-SA-2018-1109)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1109\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1109\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'curl' package(s) announced via the EulerOS-SA-2018-1109 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was found that libcurl did not safely parse FTP URLs when using the CURLOPT_FTP_FILEMETHOD method. An attacker, able to provide a specially crafted FTP URL to an application using libcurl, could write a NULL byte at an arbitrary location, resulting in a crash, or an unspecified behavior.(CVE-2018-1000120)\n\nA NULL pointer dereference flaw was found in the way libcurl checks values returned by the openldap ldap_get_attribute_ber() function. A malicious LDAP server could use this flaw to crash a libcurl client application via a specially crafted LDAP reply.(CVE-2018-1000121)\n\nA buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage(CVE-2018-1000122)\");\n\n script_tag(name:\"affected\", value:\"'curl' package(s) on Huawei EulerOS V2.0SP1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.29.0~35.h18\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcurl\", rpm:\"libcurl~7.29.0~35.h18\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libcurl-devel\", rpm:\"libcurl-devel~7.29.0~35.h18\", rls:\"EULEROS-2.0SP1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T20:10:34", "description": "Multiple vulnerabilities were found in cURL, an URL transfer library:\n\nCVE-2018-1000120\n\nDuy Phan Thanh reported that curl could be fooled into writing a zero byte\nout of bounds when curl was told to work on an FTP URL, with the setting to\nonly issue a single CWD command. The issue could be triggered if the\ndirectory part of the URL contained a ", "cvss3": {}, "published": "2018-03-27T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for curl (DLA-1309-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891309", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891309", "sourceData": "# Copyright (C) 2018 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891309\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_name(\"Debian LTS: Security Advisory for curl (DLA-1309-1)\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2018-03-27 00:00:00 +0200 (Tue, 27 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2018/03/msg00012.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB7\");\n\n script_tag(name:\"affected\", value:\"curl on Debian Linux\");\n\n script_tag(name:\"solution\", value:\"For Debian 7 'Wheezy', these problems have been fixed in version\n7.26.0-1+wheezy25.\n\nWe recommend that you upgrade your curl packages.\");\n\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were found in cURL, an URL transfer library:\n\nCVE-2018-1000120\n\nDuy Phan Thanh reported that curl could be fooled into writing a zero byte\nout of bounds when curl was told to work on an FTP URL, with the setting to\nonly issue a single CWD command. The issue could be triggered if the\ndirectory part of the URL contained a '%00' sequence.\n\nCVE-2018-1000121\n\nDario Weisser reported that curl might dereference a near-NULL address when\ngetting an LDAP URL. A malicious server that sends a particularly crafted\nresponse could made crash applications that allowed LDAP URL relying on\nlibcurl.\n\nCVE-2018-1000122\n\nOSS-fuzz and Max Dymond found that curl can be tricked into copying data\nbeyond the end of its heap based buffer when asked to transfer an RTSP URL.\ncurl could calculate a wrong data length to copy from the read buffer.\nThis could lead to information leakage or a denial of service.\");\n\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"curl\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-nss\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-nss-dev\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.26.0-1+wheezy25\", rls:\"DEB7\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:19", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-16T00:00:00", "type": "openvas", "title": "Ubuntu Update for curl USN-3598-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310843476", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310843476", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_3598_1.nasl 14140 2019-03-13 12:26:09Z cfischer $\n#\n# Ubuntu Update for curl USN-3598-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.843476\");\n script_version(\"$Revision: 14140 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 13:26:09 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-16 08:58:31 +0100 (Fri, 16 Mar 2018)\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Ubuntu Update for curl USN-3598-1\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'curl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"insight\", value:\"Phan Thanh discovered that curl incorrectly\nhandled certain FTP paths. An attacker could use this to cause a denial of service\nor possibly execute arbitrary code. (CVE-2018-1000120)\n\nDario Weisser discovered that curl incorrectly handled certain LDAP URLs.\nAn attacker could possibly use this issue to cause a denial of service.\n(CVE-2018-1000121)\n\nMax Dymond discovered that curl incorrectly handled certain RTSP data. An\nattacker could possibly use this to cause a denial of service or even to\nget access to sensitive data. (CVE-2018-1000122)\");\n script_tag(name:\"affected\", value:\"curl on Ubuntu 17.10,\n Ubuntu 16.04 LTS,\n Ubuntu 14.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n\n script_xref(name:\"USN\", value:\"3598-1\");\n script_xref(name:\"URL\", value:\"https://usn.ubuntu.com/usn/usn-3598-1\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(14\\.04 LTS|17\\.10|16\\.04 LTS)\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU14.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3:i386\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3:amd64\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-gnutls:i386\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-gnutls:amd64\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-nss:i386\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-nss:amd64\", ver:\"7.35.0-1ubuntu2.15\", rls:\"UBUNTU14.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU17.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.55.1-1ubuntu2.4\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.55.1-1ubuntu2.4\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.55.1-1ubuntu2.4\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-nss\", ver:\"7.55.1-1ubuntu2.4\", rls:\"UBUNTU17.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU16.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.47.0-1ubuntu2.7\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.47.0-1ubuntu2.7\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.47.0-1ubuntu2.7\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libcurl3-nss\", ver:\"7.47.0-1ubuntu2.7\", rls:\"UBUNTU16.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-07-04T18:55:44", "description": "Multiple vulnerabilities were discovered in cURL, an URL transfer library.\n\nCVE-2018-1000120\nDuy Phan Thanh discovered that curl could be fooled into writing a\nzero byte out of bounds when curl is told to work on an FTP URL with\nthe setting to only issue a single CWD command, if the directory part\nof the URL contains a ", "cvss3": {}, "published": "2018-03-14T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4136-1 (curl - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2019-07-04T00:00:00", "id": "OPENVAS:1361412562310704136", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704136", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Auto-generated from advisory DSA 4136-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License as published by\n# the Free Software Foundation; either version 2 of the License, or\n# (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704136\");\n script_version(\"2019-07-04T09:25:28+0000\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_name(\"Debian Security Advisory DSA 4136-1 (curl - security update)\");\n script_tag(name:\"last_modification\", value:\"2019-07-04 09:25:28 +0000 (Thu, 04 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2018-03-14 00:00:00 +0100 (Wed, 14 Mar 2018)\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2018/dsa-4136.html\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2018 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(9|8)\");\n script_tag(name:\"affected\", value:\"curl on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (jessie), these problems have been fixed\nin version 7.38.0-4+deb8u10.\n\nFor the stable distribution (stretch), these problems have been fixed in\nversion 7.52.1-5+deb9u5.\n\nWe recommend that you upgrade your curl packages.\");\n\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/curl\");\n script_tag(name:\"summary\", value:\"Multiple vulnerabilities were discovered in cURL, an URL transfer library.\n\nCVE-2018-1000120\nDuy Phan Thanh discovered that curl could be fooled into writing a\nzero byte out of bounds when curl is told to work on an FTP URL with\nthe setting to only issue a single CWD command, if the directory part\nof the URL contains a '%00' sequence.\n\nCVE-2018-1000121\nDario Weisser discovered that curl might dereference a near-NULL\naddress when getting an LDAP URL due to the ldap_get_attribute_ber()\nfunction returning LDAP_SUCCESS and a NULL pointer. A malicious server\nmight cause libcurl-using applications that allow LDAP URLs, or that\nallow redirects to LDAP URLs to crash.\n\nCVE-2018-1000122\nOSS-fuzz, assisted by Max Dymond, discovered that curl could be\ntricked into copying data beyond the end of its heap based buffer\nwhen asked to transfer an RTSP URL.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"curl\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-nss\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-doc\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-nss-dev\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.52.1-5+deb9u5\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"curl\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl3-nss\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-doc\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-nss-dev\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.38.0-4+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:08", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-21T00:00:00", "type": "openvas", "title": "Fedora Update for curl FEDORA-2018-66c96e0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874266", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874266", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_66c96e0024_curl_fc26.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for curl FEDORA-2018-66c96e0024\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874266\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-21 15:13:14 +0100 (Wed, 21 Mar 2018)\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for curl FEDORA-2018-66c96e0024\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'curl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"curl on Fedora 26\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-66c96e0024\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MHIV67XNYKO7Y7PXNBXALTBG73EDR67R\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC26\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC26\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.53.1~16.fc26\", rls:\"FC26\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:33:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2018-03-21T00:00:00", "type": "openvas", "title": "Fedora Update for curl FEDORA-2018-8877b4ccac", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310874256", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310874256", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_fedora_2018_8877b4ccac_curl_fc27.nasl 14223 2019-03-15 13:49:35Z cfischer $\n#\n# Fedora Update for curl FEDORA-2018-8877b4ccac\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2018 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.874256\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2018-03-21 15:11:08 +0100 (Wed, 21 Mar 2018)\");\n script_cve_id(\"CVE-2018-1000120\", \"CVE-2018-1000121\", \"CVE-2018-1000122\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for curl FEDORA-2018-8877b4ccac\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'curl'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"curl on Fedora 27\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_xref(name:\"FEDORA\", value:\"2018-8877b4ccac\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4OINLOP7YVADCIGSEIO522TV6L23YOKT\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2018 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC27\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC27\")\n{\n\n if ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.55.1~10.fc27\", rls:\"FC27\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:37:02", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1009)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0495", "CVE-2017-3735", "CVE-2018-0739", "CVE-2018-0737"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191009", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191009", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1009\");\n script_version(\"2020-01-23T11:27:08+0000\");\n script_cve_id(\"CVE-2017-3735\", \"CVE-2018-0495\", \"CVE-2018-0732\", \"CVE-2018-0737\", \"CVE-2018-0739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:27:08 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:27:08 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2019-1009)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1009\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1009\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2019-1009 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\nopenssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\nopenssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739)\n\nopenssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)\n\nopenssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:37:52", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2018-1392)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-0732", "CVE-2018-0495", "CVE-2017-3735", "CVE-2018-0739", "CVE-2018-0737"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181392", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181392", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1392\");\n script_version(\"2020-01-23T11:24:20+0000\");\n script_cve_id(\"CVE-2017-3735\", \"CVE-2018-0495\", \"CVE-2018-0732\", \"CVE-2018-0737\", \"CVE-2018-0739\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:24:20 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:24:20 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2018-1392)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1392\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1392\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'openssl' package(s) announced via the EulerOS-SA-2018-1392 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"openssl: ROHNP - Key Extraction Side Channel in Multiple Crypto Libraries (CVE-2018-0495)\n\nopenssl: Malicious server can send large prime to client during DH(E) TLS handshake causing the client to hang (CVE-2018-0732)\n\nopenssl: Handling of crafted recursive ASN.1 structures can cause a stack overflow and resulting denial of service (CVE-2018-0739)\n\nopenssl: Malformed X.509 IPAdressFamily could cause OOB read (CVE-2017-3735)\n\nopenssl: RSA key generation cache timing vulnerability in crypto/rsa/rsa_gen.c allows attackers to recover private keys (CVE-2018-0737)\");\n\n script_tag(name:\"affected\", value:\"'openssl' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl\", rpm:\"openssl~1.0.2k~16.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-devel\", rpm:\"openssl-devel~1.0.2k~16.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"openssl-libs\", rpm:\"openssl-libs~1.0.2k~16.h2\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}], "nessus": [{"lastseen": "2023-01-11T14:45:57", "description": "This update for virtualbox version 5.2.24 fixes the following issues :\n\nUpdate fixes multiple vulnerabilities :\n\nCVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309, CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511, CVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450, CVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556 CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446, CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506, and CVE-2019-2553 (boo#1122212).\n\nNon-security issues fixed :\n\n - Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel, contributed by Robert Conde\n\n - USB: fixed a problem causing failures attaching SuperSpeed devices which report USB version 3.1 (rather than 3.0) on Windows hosts\n\n - Audio: added support for surround speaker setups used by Windows 10 Build 1809\n\n - Linux hosts: fixed conflict between Debian and Oracle build desktop files \n\n - Linux guests: fixed building drivers on SLES 12.4\n\n - Linux guests: fixed building shared folder driver with older kernels", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-01-28T00:00:00", "type": "nessus", "title": "openSUSE Security Update : virtualbox (openSUSE-2019-84)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-3309", "CVE-2019-2446", "CVE-2019-2448", "CVE-2019-2450", "CVE-2019-2451", "CVE-2019-2500", "CVE-2019-2501", "CVE-2019-2504", "CVE-2019-2505", "CVE-2019-2506", "CVE-2019-2508", "CVE-2019-2509", "CVE-2019-2511", "CVE-2019-2520", "CVE-2019-2521", "CVE-2019-2522", "CVE-2019-2523", "CVE-2019-2524", "CVE-2019-2525", "CVE-2019-2526", "CVE-2019-2527", "CVE-2019-2548", "CVE-2019-2552", "CVE-2019-2553", "CVE-2019-2554", "CVE-2019-2555", "CVE-2019-2556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python-virtualbox", "p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-source", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-source", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-vnc", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-84.NASL", "href": "https://www.tenable.com/plugins/nessus/121411", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-84.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121411);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-11763\", \"CVE-2018-11784\", \"CVE-2018-3309\", \"CVE-2019-2446\", \"CVE-2019-2448\", \"CVE-2019-2450\", \"CVE-2019-2451\", \"CVE-2019-2500\", \"CVE-2019-2501\", \"CVE-2019-2504\", \"CVE-2019-2505\", \"CVE-2019-2506\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2511\", \"CVE-2019-2520\", \"CVE-2019-2521\", \"CVE-2019-2522\", \"CVE-2019-2523\", \"CVE-2019-2524\", \"CVE-2019-2525\", \"CVE-2019-2526\", \"CVE-2019-2527\", \"CVE-2019-2548\", \"CVE-2019-2552\", \"CVE-2019-2553\", \"CVE-2019-2554\", \"CVE-2019-2555\", \"CVE-2019-2556\");\n\n script_name(english:\"openSUSE Security Update : virtualbox (openSUSE-2019-84)\");\n script_summary(english:\"Check for the openSUSE-2019-84 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for virtualbox version 5.2.24 fixes the following issues :\n\nUpdate fixes multiple vulnerabilities :\n\nCVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309,\nCVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523,\nCVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511,\nCVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450,\nCVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556\nCVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446,\nCVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505,\nCVE-2019-2506, and CVE-2019-2553 (boo#1122212).\n\nNon-security issues fixed :\n\n - Linux Additions: fix for building vboxvideo on EL 7.6\n standard kernel, contributed by Robert Conde\n\n - USB: fixed a problem causing failures attaching\n SuperSpeed devices which report USB version 3.1 (rather\n than 3.0) on Windows hosts\n\n - Audio: added support for surround speaker setups used by\n Windows 10 Build 1809\n\n - Linux hosts: fixed conflict between Debian and Oracle\n build desktop files \n\n - Linux guests: fixed building drivers on SLES 12.4\n\n - Linux guests: fixed building shared folder driver with\n older kernels\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122212\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected virtualbox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2552\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-vnc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"python-virtualbox-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"python-virtualbox-debuginfo-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-debuginfo-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-debugsource-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-devel-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-desktop-icons-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-kmp-default-5.2.24_k4.4.165_81-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-kmp-default-debuginfo-5.2.24_k4.4.165_81-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-source-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-tools-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-tools-debuginfo-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-x11-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-guest-x11-debuginfo-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-host-kmp-default-5.2.24_k4.4.165_81-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-host-kmp-default-debuginfo-5.2.24_k4.4.165_81-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-host-source-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-qt-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-qt-debuginfo-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-vnc-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-websrv-5.2.24-66.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"virtualbox-websrv-debuginfo-5.2.24-66.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python-virtualbox / python-virtualbox-debuginfo / virtualbox / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:17:19", "description": "This update for virtualbox to version 5.2.24 fixes the following issues :\n\nMultiple security issues fixed :\n\nCVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309, CVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511, CVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450, CVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556 CVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446, CVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506, and CVE-2019-2553 (bsc#1122212).\n\nOther issues fixed :\n\n - Linux Additions: fix for building vboxvideo on EL 7.6 standard kernel, contributed by Robert Conde\n\n - USB: fixed a problem causing failures attaching SuperSpeed devices which report USB version 3.1 (rather than 3.0) on Windows hosts\n\n - Audio: added support for surround speaker setups used by Windows 10 Build 1809\n\n - Linux hosts: fixed conflict between Debian and Oracle build desktop files \n\n - Linux guests: fixed building drivers on SLES 12.4\n\n - Linux guests: fixed building shared folder driver with older kernels", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-06-12T00:00:00", "type": "nessus", "title": "openSUSE Security Update : virtualbox (openSUSE-2019-1547)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-11763", "CVE-2018-11784", "CVE-2018-3309", "CVE-2019-2446", "CVE-2019-2448", "CVE-2019-2450", "CVE-2019-2451", "CVE-2019-2500", "CVE-2019-2501", "CVE-2019-2504", "CVE-2019-2505", "CVE-2019-2506", "CVE-2019-2508", "CVE-2019-2509", "CVE-2019-2511", "CVE-2019-2520", "CVE-2019-2521", "CVE-2019-2522", "CVE-2019-2523", "CVE-2019-2524", "CVE-2019-2525", "CVE-2019-2526", "CVE-2019-2527", "CVE-2019-2548", "CVE-2019-2552", "CVE-2019-2553", "CVE-2019-2554", "CVE-2019-2555", "CVE-2019-2556"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:python3-virtualbox", "p-cpe:/a:novell:opensuse:python3-virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox", "p-cpe:/a:novell:opensuse:virtualbox-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-debugsource", "p-cpe:/a:novell:opensuse:virtualbox-devel", "p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-source", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools", "p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11", "p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default", "p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-host-source", "p-cpe:/a:novell:opensuse:virtualbox-qt", "p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo", "p-cpe:/a:novell:opensuse:virtualbox-vnc", "p-cpe:/a:novell:opensuse:virtualbox-websrv", "p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1547.NASL", "href": "https://www.tenable.com/plugins/nessus/125844", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1547.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(125844);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2018-11763\", \"CVE-2018-11784\", \"CVE-2018-3309\", \"CVE-2019-2446\", \"CVE-2019-2448\", \"CVE-2019-2450\", \"CVE-2019-2451\", \"CVE-2019-2500\", \"CVE-2019-2501\", \"CVE-2019-2504\", \"CVE-2019-2505\", \"CVE-2019-2506\", \"CVE-2019-2508\", \"CVE-2019-2509\", \"CVE-2019-2511\", \"CVE-2019-2520\", \"CVE-2019-2521\", \"CVE-2019-2522\", \"CVE-2019-2523\", \"CVE-2019-2524\", \"CVE-2019-2525\", \"CVE-2019-2526\", \"CVE-2019-2527\", \"CVE-2019-2548\", \"CVE-2019-2552\", \"CVE-2019-2553\", \"CVE-2019-2554\", \"CVE-2019-2555\", \"CVE-2019-2556\");\n\n script_name(english:\"openSUSE Security Update : virtualbox (openSUSE-2019-1547)\");\n script_summary(english:\"Check for the openSUSE-2019-1547 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for virtualbox to version 5.2.24 fixes the following\nissues :\n\nMultiple security issues fixed :\n\nCVE-2019-2500, CVE-2019-2524, CVE-2019-2552, CVE-2018-3309,\nCVE-2019-2520 CVE-2019-2521, CVE-2019-2522, CVE-2019-2523,\nCVE-2019-2526, CVE-2019-2548 CVE-2018-11763, CVE-2019-2511,\nCVE-2019-2508, CVE-2019-2509, CVE-2019-2527 CVE-2019-2450,\nCVE-2019-2451, CVE-2019-2555, CVE-2019-2554, CVE-2019-2556\nCVE-2018-11784, CVE-2018-0734, CVE-2019-2525, CVE-2019-2446,\nCVE-2019-2448 CVE-2019-2501, CVE-2019-2504, CVE-2019-2505,\nCVE-2019-2506, and CVE-2019-2553 (bsc#1122212).\n\nOther issues fixed :\n\n - Linux Additions: fix for building vboxvideo on EL 7.6\n standard kernel, contributed by Robert Conde\n\n - USB: fixed a problem causing failures attaching\n SuperSpeed devices which report USB version 3.1 (rather\n than 3.0) on Windows hosts\n\n - Audio: added support for surround speaker setups used by\n Windows 10 Build 1809\n\n - Linux hosts: fixed conflict between Debian and Oracle\n build desktop files \n\n - Linux guests: fixed building drivers on SLES 12.4\n\n - Linux guests: fixed building shared folder driver with\n older kernels\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122212\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected virtualbox packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2552\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:python3-virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-desktop-icons\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-guest-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-host-source\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-qt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-vnc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:virtualbox-websrv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/09/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-virtualbox-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"python3-virtualbox-debuginfo-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-debuginfo-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-debugsource-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-devel-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-desktop-icons-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-kmp-default-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-kmp-default-debuginfo-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-source-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-tools-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-tools-debuginfo-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-x11-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-guest-x11-debuginfo-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-host-kmp-default-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-host-kmp-default-debuginfo-5.2.24_k4.12.14_lp150.12.61-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-host-source-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-qt-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-qt-debuginfo-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-vnc-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-websrv-5.2.24-lp150.4.33.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"virtualbox-websrv-debuginfo-5.2.24-lp150.4.33.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"python3-virtualbox / python3-virtualbox-debuginfo / virtualbox / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-01T15:10:24", "description": "Oracle reports :\n\nPlease reference CVE/URL list for details\n\nNot all listed CVE's are present in all versions/flavors", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-28T00:00:00", "type": "nessus", "title": "FreeBSD : MySQL -- multiple vulnerabilities (d3d02d3a-2242-11e9-b95c-b499baebfeaf)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2436", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2494", "CVE-2019-2495", "CVE-2019-2502", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2513", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2530", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2533", "CVE-2019-2534", "CVE-2019-2535", "CVE-2019-2536", "CVE-2019-2537", "CVE-2019-2539"], "modified": "2020-02-20T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:mariadb100-server", "p-cpe:/a:freebsd:freebsd:mariadb101-server", "p-cpe:/a:freebsd:freebsd:mariadb102-server", "p-cpe:/a:freebsd:freebsd:mariadb103-server", "p-cpe:/a:freebsd:freebsd:mariadb55-server", "p-cpe:/a:freebsd:freebsd:mysql55-server", "p-cpe:/a:freebsd:freebsd:mysql56-server", "p-cpe:/a:freebsd:freebsd:mysql57-server", "p-cpe:/a:freebsd:freebsd:mysql80-server", "p-cpe:/a:freebsd:freebsd:percona55-server", "p-cpe:/a:freebsd:freebsd:percona56-server", "p-cpe:/a:freebsd:freebsd:percona57-server", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_D3D02D3A224211E9B95CB499BAEBFEAF.NASL", "href": "https://www.tenable.com/plugins/nessus/121406", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121406);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/20\");\n\n script_cve_id(\"CVE-2019-2420\", \"CVE-2019-2434\", \"CVE-2019-2436\", \"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2486\", \"CVE-2019-2494\", \"CVE-2019-2495\", \"CVE-2019-2502\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2510\", \"CVE-2019-2513\", \"CVE-2019-2528\", \"CVE-2019-2529\", \"CVE-2019-2530\", \"CVE-2019-2531\", \"CVE-2019-2532\", \"CVE-2019-2533\", \"CVE-2019-2534\", \"CVE-2019-2535\", \"CVE-2019-2536\", \"CVE-2019-2537\", \"CVE-2019-2539\");\n\n script_name(english:\"FreeBSD : MySQL -- multiple vulnerabilities (d3d02d3a-2242-11e9-b95c-b499baebfeaf)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Oracle reports :\n\nPlease reference CVE/URL list for details\n\nNot all listed CVE's are present in all versions/flavors\"\n );\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixMSQL\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f1896059\"\n );\n # https://vuxml.freebsd.org/freebsd/d3d02d3a-2242-11e9-b95c-b499baebfeaf.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?639e25f4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2534\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb100-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb101-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb102-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb103-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mariadb55-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql55-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mysql80-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:percona55-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:percona56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:percona57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mariadb55-server<5.5.63\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb100-server<10.0.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb101-server<10.1.38\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb102-server<10.2.22\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mariadb103-server<10.3.13\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql55-server<5.5.63\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql56-server<5.6.43\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql57-server<5.7.25\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"mysql80-server<8.0.14\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"percona55-server<5.5.63\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"percona56-server<5.6.43\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"percona57-server<5.7.25\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2023-02-17T23:09:23", "description": "Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 8.0.13, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see Oracle's Critical Patch Update advisory for further details. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-16T00:00:00", "type": "nessus", "title": "Oracle MySQL 8.0.x < 8.0.13 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2436", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2494", "CVE-2019-2495", "CVE-2019-2502", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2513", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2530", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2533", "CVE-2019-2534", "CVE-2019-2535", "CVE-2019-2536", "CVE-2019-2537", "CVE-2019-2539"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700390.PRM", "href": "https://www.tenable.com/plugins/nnm/700390", "sourceData": "Binary data 700390.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:21", "description": "The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.24 or 6.0.x prior to 6.0.2. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory :\n\n - A denial of service vulnerability in the bundled third-party component OpenSSL library's DSA signature algorithm that renders it vulnerable to a timing side channel attack. An attacker could leverage this vulnerability to recover the private key.\n (CVE-2018-0734)\n\n - Multiple unspecified vulnerabilities in the Core component of Oracle VirtualBox could allow an authenticated, local attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. (CVE-2018-3309, CVE-2019-2500, CVE-2019-2520, CVE-2019-2521, CVE-2019-2522, CVE-2019-2523, CVE-2019-2524, CVE-2019-2526, CVE-2019-2548, CVE-2019-2552)\n\n - Multiple unspecified vulnerabilities in the Core component of Oracle VirtualBox could allow an authenticated, local attacker with logon to the infrastructure where Oracle VM VirtualBox executes to potentially expose critical or confidential data.\n (CVE-2019-2446, CVE-2019-2448, CVE-2019-2450, CVE-2019-2451, CVE-2019-2501, CVE-2019-2504, CVE-2019-2505, CVE-2019-2506, CVE-2019-2525, CVE-2019-2553, CVE-2019-2554, CVE-2019-2555, CVE-2019-2556)\n\n - Multiple denial of service vulnerabilities in the Core component of Oracle VirtualBox could allow an authenticated, local attacker with logon to the infrastructure where Oracle VM VirtualBox executes to cause a denial of service condition. (CVE-2019-2508, CVE-2019-2509, CVE-2019-2527)\n\n - An denial of service vulnerabilities with the SOAP protocol in the Core component of Oracle VirtualBox could allow an unauthenticated, remote attacker, to potentially a denial of service condition.\n (CVE-2019-2511)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.0, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-01-18T00:00:00", "type": "nessus", "title": "Oracle VM VirtualBox 5.2.x < 5.2.24 / 6.0.x < 6.0.2 (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-3309", "CVE-2018-5407", "CVE-2019-2446", "CVE-2019-2448", "CVE-2019-2450", "CVE-2019-2451", "CVE-2019-2500", "CVE-2019-2501", "CVE-2019-2504", "CVE-2019-2505", "CVE-2019-2506", "CVE-2019-2508", "CVE-2019-2509", "CVE-2019-2511", "CVE-2019-2520", "CVE-2019-2521", "CVE-2019-2522", "CVE-2019-2523", "CVE-2019-2524", "CVE-2019-2525", "CVE-2019-2526", "CVE-2019-2527", "CVE-2019-2548", "CVE-2019-2550", "CVE-2019-2551", "CVE-2019-2552", "CVE-2019-2553", "CVE-2019-2554", "CVE-2019-2555", "CVE-2019-2556"], "modified": "2022-05-24T00:00:00", "cpe": ["cpe:/a:oracle:vm_virtualbox"], "id": "VIRTUALBOX_JAN_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/121247", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121247);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-3309\",\n \"CVE-2018-5407\",\n \"CVE-2019-2446\",\n \"CVE-2019-2448\",\n \"CVE-2019-2500\",\n \"CVE-2019-2501\",\n \"CVE-2019-2504\",\n \"CVE-2019-2505\",\n \"CVE-2019-2506\",\n \"CVE-2019-2508\",\n \"CVE-2019-2509\",\n \"CVE-2019-2511\",\n \"CVE-2019-2520\",\n \"CVE-2019-2521\",\n \"CVE-2019-2522\",\n \"CVE-2019-2523\",\n \"CVE-2019-2524\",\n \"CVE-2019-2525\",\n \"CVE-2019-2526\",\n \"CVE-2019-2527\",\n \"CVE-2019-2548\",\n \"CVE-2019-2550\",\n \"CVE-2019-2551\",\n \"CVE-2019-2552\",\n \"CVE-2019-2553\",\n \"CVE-2019-2554\",\n \"CVE-2019-2555\",\n \"CVE-2019-2556\"\n );\n script_bugtraq_id(\n 105750,\n 105758,\n 105897,\n 106568,\n 106572,\n 106574,\n 106613\n );\n\n script_name(english:\"Oracle VM VirtualBox 5.2.x < 5.2.24 / 6.0.x < 6.0.2 (Jan 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle VM VirtualBox running on the remote host is\n5.2.x prior to 5.2.24 or 6.0.x prior to 6.0.2. It is, therefore,\naffected by multiple vulnerabilities as noted in the January 2018\nCritical Patch Update advisory :\n\n - A denial of service vulnerability in the bundled\n third-party component OpenSSL library's DSA signature\n algorithm that renders it vulnerable to a timing side\n channel attack. An attacker could leverage this\n vulnerability to recover the private key.\n (CVE-2018-0734)\n\n - Multiple unspecified vulnerabilities in the Core\n component of Oracle VirtualBox could allow an\n authenticated, local attacker with logon to the\n infrastructure where Oracle VM VirtualBox executes to\n compromise Oracle VM VirtualBox. (CVE-2018-3309,\n CVE-2019-2500, CVE-2019-2520, CVE-2019-2521,\n CVE-2019-2522, CVE-2019-2523, CVE-2019-2524,\n CVE-2019-2526, CVE-2019-2548, CVE-2019-2552)\n\n - Multiple unspecified vulnerabilities in the Core\n component of Oracle VirtualBox could allow an\n authenticated, local attacker with logon to the\n infrastructure where Oracle VM VirtualBox executes to\n potentially expose critical or confidential data.\n (CVE-2019-2446, CVE-2019-2448, CVE-2019-2450,\n CVE-2019-2451, CVE-2019-2501, CVE-2019-2504,\n CVE-2019-2505, CVE-2019-2506, CVE-2019-2525,\n CVE-2019-2553, CVE-2019-2554, CVE-2019-2555,\n CVE-2019-2556)\n\n - Multiple denial of service vulnerabilities in the Core\n component of Oracle VirtualBox could allow an\n authenticated, local attacker with logon to the\n infrastructure where Oracle VM VirtualBox executes to\n cause a denial of service condition. (CVE-2019-2508,\n CVE-2019-2509, CVE-2019-2527)\n\n - An denial of service vulnerabilities with the SOAP\n protocol in the Core component of Oracle VirtualBox\n could allow an unauthenticated, remote attacker, to\n potentially a denial of service condition.\n (CVE-2019-2511)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html#AppendixOVIR\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0dcafb3e\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.virtualbox.org/wiki/Changelog\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle VM VirtualBox version 5.2.24, 6.0.2 or later as\nreferenced in the January 2019 Oracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2551\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-2552\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:vm_virtualbox\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"virtualbox_installed.nasl\", \"macosx_virtualbox_installed.nbin\");\n script_require_ports(\"installed_sw/Oracle VM VirtualBox\", \"installed_sw/VirtualBox\");\n\n exit(0);\n}\n\ninclude(\"vcf.inc\");\n\nif (get_kb_item(\"installed_sw/Oracle VM VirtualBox\"))\n app_info = vcf::get_app_info(app:\"Oracle VM VirtualBox\", win_local:TRUE);\nelse\n app_info = vcf::get_app_info(app:\"VirtualBox\");\n\nconstraints = [\n {\"min_version\" : \"5.2\", \"fixed_version\" : \"5.2.24\"},\n {\"min_version\" : \"6.0\", \"fixed_version\" : \"6.0.2\"}\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-17T23:19:47", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.14. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2436", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2494", "CVE-2019-2495", "CVE-2019-2502", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2513", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2530", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2533", "CVE-2019-2534", "CVE-2019-2535", "CVE-2019-2536", "CVE-2019-2537", "CVE-2019-2539"], "modified": "2019-04-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700630.PRM", "href": "https://www.tenable.com/plugins/nnm/700630", "sourceData": "Binary data 700630.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2023-02-01T15:09:25", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.14. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-17T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2436", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2494", "CVE-2019-2495", "CVE-2019-2502", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2513", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2530", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2533", "CVE-2019-2534", "CVE-2019-2535", "CVE-2019-2536", "CVE-2019-2537", "CVE-2019-2539"], "modified": "2021-05-19T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_8_0_14.NASL", "href": "https://www.tenable.com/plugins/nessus/121229", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121229);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/05/19\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-3123\",\n \"CVE-2019-2420\",\n \"CVE-2019-2434\",\n \"CVE-2019-2436\",\n \"CVE-2019-2455\",\n \"CVE-2019-2481\",\n \"CVE-2019-2482\",\n \"CVE-2019-2486\",\n \"CVE-2019-2494\",\n \"CVE-2019-2495\",\n \"CVE-2019-2502\",\n \"CVE-2019-2503\",\n \"CVE-2019-2507\",\n \"CVE-2019-2510\",\n \"CVE-2019-2513\",\n \"CVE-2019-2528\",\n \"CVE-2019-2529\",\n \"CVE-2019-2530\",\n \"CVE-2019-2531\",\n \"CVE-2019-2532\",\n \"CVE-2019-2533\",\n \"CVE-2019-2534\",\n \"CVE-2019-2535\",\n \"CVE-2019-2536\",\n \"CVE-2019-2537\",\n \"CVE-2019-2539\"\n );\n script_bugtraq_id(\n 105758,\n 106619,\n 106622,\n 106625,\n 106626,\n 106627,\n 106628\n );\n\n script_name(english:\"MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU)\");\n script_summary(english:\"Checks the version of MySQL server.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 8.0.x prior to\n8.0.14. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nJanuary 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the\n 'Server: Replication' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to gain unauthorized access critical data or\n complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the\n 'Server: Optimizer' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the\n 'Server: PS' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to perform a denial of service attack.\n (CVE-2019-2482)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-14.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 8.0.14 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2534\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/17\");\n\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\n \"mysql_version.nasl\", \n \"mysql_login.nasl\", \n \"mysql_version_local.nasl\", \n \"mysql_win_installed.nbin\", \n \"macosx_mysql_installed.nbin\"\n );\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '8.0.0', 'fixed_version' : '8.0.14'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);\n\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:N/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:12", "description": "The version of Oracle E-Business installed on the remote host is missing the January 2019 Oracle Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities as noted in the January 2019 Critical Patch Update advisory :\n\n - Oracle CRM Technical Foundation Messages component is easily exploited by an unauthenticated attacker. A successful attack requires human interaction from a person other than the attacker. Successful attacks can result in unauthorized update, insert, or delete access. (CVE-2019-2396)\n\n - Oracle iStore User Registration component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert, or delete access. (CVE-2019-2400)\n\n - Oracle Marketing User Interface component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker to compromise Oracle Marketing. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized access to critical data or complete access to all Oracle Marketing accessible data as well as unauthorized update, insert, or delete access. (CVE-2019-2440) \n\n - Oracle Content Manager Cover Letter component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker to compromise Oracle Content Manager. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized access to critical data or complete access to all Oracle Content Manager accessible data as well as unauthorized update, insert or delete access. (CVE-2019-2445) \n\n - Oracle Partner Management Partner Detail component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with network access via HTTP to compromise Oracle Partner Management. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized access to critical data or complete access to all Oracle Partner Management accessible data as well as unauthorized update, insert or delete. (CVE-2019-2447)\n\n - Oracle Performance Management Performance Management Plan component of Oracle E-Business Suite is easily exploited and allows unauthorized creation, deletion or modification access to critical data and complete access to all Oracle Performance Management accessible data. (CVE-2019-2453)\n\n - Oracle Partner Management Partner Detail component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker to gain unauthorized access to critical data as well as unauthorized update, insert or delete access to some of Oracle Partner Management accessible data. (CVE-2019-2470)\n\n - Oracle Mobile Field Service Administration component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker the ability to perform unauthorized update, insert or delete of data. (CVE-2019-2485) \n - Oracle CRM Technical Foundation Session Management component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker to obtain unauthorized read access data.\n (CVE-2019-2488)\n\n - Oracle One-to-One Fulfillment OCM Query component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform unauthorized creation, deletion or modification access to critical data as well as unauthorized access all data. (CVE-2019-2489)\n\n - Oracle Email Center Message Display component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform an unauthorized update, insert or delete access to some of Oracle Email Center accessible data. (CVE-2019-2491)\n\n - Oracle Email Center Message Display component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform an unauthorized update, insert or delete access to some of Oracle Email Center accessible data. (CVE-2019-2492)\n\n - Oracle CRM Technical Foundation Messages component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform an unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. (CVE-2019-2496)\n\n - Oracle CRM Technical Foundation Messages component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform an unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. (CVE-2019-2497)\n\n - Oracle Partner Management Partner Dash board component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform an unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. (CVE-2019-2498)\n\n - Oracle Applications Manager SQL Extensions component of Oracle E-Business Suite is easily exploited and allows an unauthenticated attacker with the ability to perform an unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. (CVE-2019-2546)\n\nIn addition, Oracle E-Business is also affected by multiple additional vulnerabilities. Please consult the CVRF details for the applicable CVEs for additional information.\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.1, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.2}, "published": "2019-01-18T00:00:00", "type": "nessus", "title": "Oracle E-Business Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 6.4, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2396", "CVE-2019-2400", "CVE-2019-2440", "CVE-2019-2445", "CVE-2019-2447", "CVE-2019-2453", "CVE-2019-2470", "CVE-2019-2485", "CVE-2019-2488", "CVE-2019-2489", "CVE-2019-2491", "CVE-2019-2492", "CVE-2019-2496", "CVE-2019-2497", "CVE-2019-2498", "CVE-2019-2546"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:e-business_suite"], "id": "ORACLE_E-BUSINESS_CPU_JAN_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/121250", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121250);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2019-2396\",\n \"CVE-2019-2400\",\n \"CVE-2019-2440\",\n \"CVE-2019-2445\",\n \"CVE-2019-2447\",\n \"CVE-2019-2453\",\n \"CVE-2019-2470\",\n \"CVE-2019-2485\",\n \"CVE-2019-2488\",\n \"CVE-2019-2489\",\n \"CVE-2019-2491\",\n \"CVE-2019-2492\",\n \"CVE-2019-2496\",\n \"CVE-2019-2497\",\n \"CVE-2019-2498\",\n \"CVE-2019-2546\"\n );\n script_bugtraq_id(106620, 106624);\n\n script_name(english:\"Oracle E-Business Multiple Vulnerabilities (Jan 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A web application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle E-Business installed on the remote host is\nmissing the January 2019 Oracle Critical Patch Update (CPU). It is,\ntherefore, affected by multiple vulnerabilities as noted in the\nJanuary 2019 Critical Patch Update advisory :\n\n - Oracle CRM Technical Foundation Messages component is easily \n exploited by an unauthenticated attacker. A successful attack \n requires human interaction from a person other than the attacker. \n Successful attacks can result in unauthorized update, insert, or \n delete access. (CVE-2019-2396)\n\n - Oracle iStore User Registration component of Oracle E-Business \n Suite is easily exploited and allows an unauthenticated \n attacker to compromise Oracle iStore. Successful attacks require \n human interaction from a person other than the attacker and can \n result in unauthorized access to critical data or complete \n access to all Oracle iStore accessible data as well as \n unauthorized update, insert, or delete access. (CVE-2019-2400)\n\n - Oracle Marketing User Interface component of Oracle E-Business \n Suite is easily exploited and allows an unauthenticated \n attacker to compromise Oracle Marketing. Successful attacks \n require human interaction from a person other than the \n attacker and can result in unauthorized access to critical data \n or complete access to all Oracle Marketing accessible data as \n well as unauthorized update, insert, or delete access. \n (CVE-2019-2440) \n\n - Oracle Content Manager Cover Letter component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker to compromise Oracle Content Manager. \n Successful attacks require human interaction from a person other \n than the attacker and can result in unauthorized access to \n critical data or complete access to all Oracle Content Manager \n accessible data as well as unauthorized update, insert or delete \n access. (CVE-2019-2445) \n\n - Oracle Partner Management Partner Detail component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker with network access via HTTP to \n compromise Oracle Partner Management. Successful attacks require \n human interaction from a person other than the attacker and can \n result in unauthorized access to critical data or complete access\n to all Oracle Partner Management accessible data as well as \n unauthorized update, insert or delete. (CVE-2019-2447)\n\n - Oracle Performance Management Performance Management Plan \n component of Oracle E-Business Suite is easily exploited and \n allows unauthorized creation, deletion or modification access to \n critical data and complete access to all Oracle Performance \n Management accessible data. (CVE-2019-2453)\n\n - Oracle Partner Management Partner Detail component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker to gain unauthorized access to critical \n data as well as unauthorized update, insert or delete access to \n some of Oracle Partner Management accessible data. (CVE-2019-2470)\n\n - Oracle Mobile Field Service Administration component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker the ability to perform unauthorized \n update, insert or delete of data. (CVE-2019-2485)\n \n - Oracle CRM Technical Foundation Session Management component of \n Oracle E-Business Suite is easily exploited and allows an \n unauthenticated attacker to obtain unauthorized read access data.\n (CVE-2019-2488)\n\n - Oracle One-to-One Fulfillment OCM Query component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker with the ability to perform \n unauthorized creation, deletion or modification access to \n critical data as well as unauthorized access all data. \n (CVE-2019-2489)\n\n - Oracle Email Center Message Display component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker with the ability to perform an \n unauthorized update, insert or delete access to some of Oracle \n Email Center accessible data. (CVE-2019-2491)\n\n - Oracle Email Center Message Display component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker with the ability to perform an \n unauthorized update, insert or delete access to some of \n Oracle Email Center accessible data. (CVE-2019-2492)\n\n - Oracle CRM Technical Foundation Messages component of Oracle \n E-Business Suite is easily exploited and allows an\n unauthenticated attacker with the ability to perform an \n unauthorized update, insert or delete access to some of Oracle \n CRM Technical Foundation accessible data. (CVE-2019-2496)\n\n - Oracle CRM Technical Foundation Messages component of Oracle \n E-Business Suite is easily exploited and allows an \n unauthenticated attacker with the ability to perform an \n unauthorized update, insert or delete access to some of Oracle \n CRM Technical Foundation accessible data. (CVE-2019-2497)\n\n - Oracle Partner Management Partner Dash board component of Oracle \n E-Business Suite is easily exploited and allows an\n unauthenticated attacker with the ability to perform an \n unauthorized update, insert or delete access to some of Oracle \n CRM Technical Foundation accessible data. (CVE-2019-2498)\n\n - Oracle Applications Manager SQL Extensions component of Oracle \n E-Business Suite is easily exploited and allows an\n unauthenticated attacker with the ability to perform an \n unauthorized update, insert or delete access to some of Oracle \n CRM Technical Foundation accessible data. (CVE-2019-2546)\n\nIn addition, Oracle E-Business is also affected by multiple additional\nvulnerabilities. Please consult the CVRF details for the applicable\nCVEs for additional information.\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2019 Oracle\nCritical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2489\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:e-business_suite\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_e-business_query_patch_info.nbin\");\n script_require_keys(\"Oracle/E-Business/Version\", \"Oracle/E-Business/patches/installed\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"Oracle/E-Business/Version\");\npatches = get_kb_item_or_exit(\"Oracle/E-Business/patches/installed\");\n\n# Batch checks\nif (patches) patches = split(patches, sep:',', keep:FALSE);\nelse patches = make_list();\n\np12_1 = '28840561';\np12_2 = '28840562';\n\n# Check if the installed version is an affected version\naffected_versions = make_array(\n '12.1.3', make_list(p12_1),\n\n '12.2.3', make_list(p12_2),\n '12.2.4', make_list(p12_2),\n '12.2.5', make_list(p12_2),\n '12.2.6', make_list(p12_2),\n '12.2.7', make_list(p12_2)\n);\n\npatched = FALSE;\naffectedver = FALSE;\n\nif (affected_versions[version])\n{\n affectedver = TRUE;\n patchids = affected_versions[version];\n foreach required_patch (patchids)\n {\n foreach applied_patch (patches)\n {\n if(required_patch == applied_patch)\n {\n patched = applied_patch;\n break;\n }\n }\n if(patched) break;\n }\n if(!patched) patchreport = join(patchids,sep:\" or \");\n}\n\nif (!patched && affectedver)\n {\n report =\n '\\n Installed version : '+version+\n '\\n Fixed version : '+version+' Patch '+patchreport+\n '\\n';\n security_report_v4(port:0,extra:report,severity:SECURITY_WARNING);\n }\nelse if (!affectedver) audit(AUDIT_INST_VER_NOT_VULN, 'Oracle E-Business', version);\nelse exit(0, 'The Oracle E-Business server ' + version + ' is not affected because patch ' + patched + ' has been applied.');\n", "cvss": {"score": 6.4, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:N"}}, {"lastseen": "2023-02-01T15:13:38", "description": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2532)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2455)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2420)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2481)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2529)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2510)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2507)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Partition). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2528)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2537)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2486)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2434)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). (CVE-2019-2534)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).\n(CVE-2019-2503)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2531)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2482)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-03-26T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : mysql57 (ALAS-2019-1181)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mysql57", "p-cpe:/a:amazon:linux:mysql57-common", "p-cpe:/a:amazon:linux:mysql57-debuginfo", "p-cpe:/a:amazon:linux:mysql57-devel", "p-cpe:/a:amazon:linux:mysql57-embedded", "p-cpe:/a:amazon:linux:mysql57-embedded-devel", "p-cpe:/a:amazon:linux:mysql57-errmsg", "p-cpe:/a:amazon:linux:mysql57-libs", "p-cpe:/a:amazon:linux:mysql57-server", "p-cpe:/a:amazon:linux:mysql57-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1181.NASL", "href": "https://www.tenable.com/plugins/nessus/123089", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1181.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123089);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-2420\", \"CVE-2019-2434\", \"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2486\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2510\", \"CVE-2019-2528\", \"CVE-2019-2529\", \"CVE-2019-2531\", \"CVE-2019-2532\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n script_xref(name:\"ALAS\", value:\"2019-1181\");\n\n script_name(english:\"Amazon Linux AMI : mysql57 (ALAS-2019-1181)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Security: Privileges). Supported versions that\nare affected are 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows high privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2532)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Parser). Supported versions that are affected\nare 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2455)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable\nvulnerability allows high privileged attacker with network access via\nmultiple protocols to compromise MySQL Server. Successful attacks of\nthis vulnerability can result in unauthorized ability to cause a hang\nor frequently repeatable crash (complete DOS) of MySQL Server. CVSS\n3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2420)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2481)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2529)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: InnoDB). Supported versions that are affected are\n5.7.24 and prior and 8.0.13 and prior. Easily exploitable\nvulnerability allows high privileged attacker with network access via\nmultiple protocols to compromise MySQL Server. Successful attacks of\nthis vulnerability can result in unauthorized ability to cause a hang\nor frequently repeatable crash (complete DOS) of MySQL Server. CVSS\n3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2510)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2507)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Partition). Supported versions that are\naffected are 5.7.24 and prior and 8.0.13 and prior. Easily exploitable\nvulnerability allows high privileged attacker with network access via\nmultiple protocols to compromise MySQL Server. Successful attacks of\nthis vulnerability can result in unauthorized ability to cause a hang\nor frequently repeatable crash (complete DOS) of MySQL Server. CVSS\n3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2528)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: DDL). Supported versions that are affected are\n5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows high privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2537)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Security: Privileges). Supported versions that\nare affected are 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows high privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2486)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Parser). Supported versions that are affected\nare 5.7.24 and prior and 8.0.13 and prior. Easily exploitable\nvulnerability allows low privileged attacker with network access via\nmultiple protocols to compromise MySQL Server. Successful attacks of\nthis vulnerability can result in unauthorized ability to cause a hang\nor frequently repeatable crash (complete DOS) of MySQL Server. CVSS\n3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2434)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Replication). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\naccess to critical data or complete access to all MySQL Server\naccessible data as well as unauthorized update, insert or delete\naccess to some of MySQL Server accessible data. CVSS 3.0 Base Score\n7.1 (Confidentiality and Integrity impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). (CVE-2019-2534)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Connection Handling). Supported versions that\nare affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and\nprior. Difficult to exploit vulnerability allows low privileged\nattacker with access to the physical communication segment attached to\nthe hardware where the MySQL Server executes to compromise MySQL\nServer. Successful attacks of this vulnerability can result in\nunauthorized access to critical data or complete access to all MySQL\nServer accessible data and unauthorized ability to cause a hang or\nfrequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0\nBase Score 6.4 (Confidentiality and Availability impacts). CVSS\nVector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).\n(CVE-2019-2503)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Replication). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2531)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: PS). Supported versions that are affected are\n5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2482)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1181.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mysql57' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-errmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql57-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-common-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-debuginfo-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-devel-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-embedded-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-embedded-devel-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-errmsg-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-libs-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-server-5.7.25-1.11.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql57-test-5.7.25-1.11.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql57 / mysql57-common / mysql57-debuginfo / mysql57-devel / etc\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-01T15:13:10", "description": "** MySQL 5.7.25 **\n\nRelease notes :\n\nhttps://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html\n\nCVEs fixed :\n\nCVE-2019-2420 CVE-2019-2434 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2486 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2528 CVE-2019-2529 CVE-2019-2531 CVE-2019-2532 CVE-2019-2534 CVE-2019-2537\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-03-04T00:00:00", "type": "nessus", "title": "Fedora 28 : community-mysql (2019-21b76d179e)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2020-02-07T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:community-mysql", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-21B76D179E.NASL", "href": "https://www.tenable.com/plugins/nessus/122557", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-21b76d179e.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122557);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/07\");\n\n script_cve_id(\"CVE-2019-2420\", \"CVE-2019-2434\", \"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2486\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2510\", \"CVE-2019-2528\", \"CVE-2019-2529\", \"CVE-2019-2531\", \"CVE-2019-2532\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n script_xref(name:\"FEDORA\", value:\"2019-21b76d179e\");\n\n script_name(english:\"Fedora 28 : community-mysql (2019-21b76d179e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"** MySQL 5.7.25 **\n\nRelease notes :\n\nhttps://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html\n\nCVEs fixed :\n\nCVE-2019-2420 CVE-2019-2434 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482\nCVE-2019-2486 CVE-2019-2503 CVE-2019-2507 CVE-2019-2510 CVE-2019-2528\nCVE-2019-2529 CVE-2019-2531 CVE-2019-2532 CVE-2019-2534 CVE-2019-2537\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-21b76d179e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected community-mysql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:community-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"community-mysql-5.7.25-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"community-mysql\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-01T15:08:51", "description": "Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to MySQL 5.7.25.\n\nIn addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html https://www.oracle.com/technetwork/security-advisory/cpujan2019-507280 1.html.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-24T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : MySQL vulnerabilities (USN-3867-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2023-01-12T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3867-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121346", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3867-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121346);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2019-2420\", \"CVE-2019-2434\", \"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2486\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2510\", \"CVE-2019-2528\", \"CVE-2019-2529\", \"CVE-2019-2531\", \"CVE-2019-2532\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n script_xref(name:\"USN\", value:\"3867-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 : MySQL vulnerabilities (USN-3867-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in MySQL and this update\nincludes a new upstream MySQL version to fix these issues.\n\nUbuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated\nto MySQL 5.7.25.\n\nIn addition to security fixes, the updated packages contain bug fixes,\nnew features, and possibly incompatible changes.\n\nPlease see the following for more information:\nhttp://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html\nhttps://www.oracle.com/technetwork/security-advisory/cpujan2019-507280\n1.html.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3867-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mysql-server-5.7 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:mysql-server-5.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2023 Canonical, Inc. / NASL script (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nvar release = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.25-0ubuntu0.16.04.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.25-0ubuntu0.18.04.2\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"mysql-server-5.7\", pkgver:\"5.7.25-0ubuntu0.18.10.2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql-server-5.7\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-17T23:09:23", "description": "Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.7.24, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see Oracle's Critical Patch Update advisory for further details. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-16T00:00:00", "type": "nessus", "title": "Oracle MySQL 5.7.x < 5.7.24 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2486", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700392.PRM", "href": "https://www.tenable.com/plugins/nnm/700392", "sourceData": "Binary data 700392.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-01-13T15:00:12", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:\n\n - An unspecified vulnerability in the subcomponent Networking (jQuery) of Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. An easy to exploit vulnerability could allow an unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center. A successful attacks requires human interaction and can result in unauthorized update, insert or delete access to some of Enterprise Manager Ops Center accessible data.\n (CVE-2015-9251)\n\n - An unspecified vulnerability in the subcomponent Networking (OpenSSL) of the Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. An easy to exploit vulnerability could allow an unauthenticated attacker with network access via HTTPS to compromise Enterprise Manager Ops Center. A successful attack of this vulnerability could result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager Ops Center. (CVE-2018-0732)\n\n - An unspecified vulnerability in the subcomponent Networking (cURL) of Enterprise Manager Ops Center. Supported versions that are affected are 12.2.2 and 12.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager Ops Center.\n A successful attack requires human interaction from a person other than the attacker and can result in takeover of Enterprise Manager Ops Center. (CVE-2018-1000300)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-21T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Ops Center (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2017-3735", "CVE-2017-3736", "CVE-2017-3738", "CVE-2018-0732", "CVE-2018-0733", "CVE-2018-0737", "CVE-2018-0739", "CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2018-1000300", "CVE-2018-1000301"], "modified": "2023-01-12T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager_ops_center"], "id": "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_JAN_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/131184", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131184);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\n \"CVE-2015-9251\",\n \"CVE-2017-3735\",\n \"CVE-2017-3736\",\n \"CVE-2017-3738\",\n \"CVE-2018-0732\",\n \"CVE-2018-0733\",\n \"CVE-2018-0737\",\n \"CVE-2018-0739\",\n \"CVE-2018-1000120\",\n \"CVE-2018-1000121\",\n \"CVE-2018-1000122\",\n \"CVE-2018-1000300\",\n \"CVE-2018-1000301\"\n );\n\n script_name(english:\"Oracle Enterprise Manager Ops Center (Jan 2019 CPU)\");\n script_summary(english:\"Checks for the patch ID.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in\nEnterprise Manager Base Platform component:\n\n - An unspecified vulnerability in the subcomponent Networking\n (jQuery) of Enterprise Manager Ops Center. Supported versions\n that are affected are 12.2.2 and 12.3.3. An easy to exploit\n vulnerability could allow an unauthenticated attacker with\n network access via HTTP to compromise Enterprise Manager Ops\n Center. A successful attacks requires human interaction and\n can result in unauthorized update, insert or delete access\n to some of Enterprise Manager Ops Center accessible data.\n (CVE-2015-9251)\n\n - An unspecified vulnerability in the subcomponent Networking\n (OpenSSL) of the Enterprise Manager Ops Center. Supported\n versions that are affected are 12.2.2 and 12.3.3. An easy\n to exploit vulnerability could allow an unauthenticated\n attacker with network access via HTTPS to compromise\n Enterprise Manager Ops Center. A successful attack of this\n vulnerability could result in unauthorized ability to cause\n a hang or frequently repeatable crash (complete DOS) of\n Enterprise Manager Ops Center. (CVE-2018-0732)\n\n - An unspecified vulnerability in the subcomponent Networking\n (cURL) of Enterprise Manager Ops Center. Supported versions\n that are affected are 12.2.2 and 12.3.3. Difficult to exploit\n vulnerability allows unauthenticated attacker with network\n access via HTTP to compromise Enterprise Manager Ops Center.\n A successful attack requires human interaction from a person\n other than the attacker and can result in takeover of\n Enterprise Manager Ops Center. (CVE-2018-1000300)\");\n # https://www.oracle.com/security-alerts/cpujan2019.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?69d7e6bf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2019\nOracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000300\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager_ops_center\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_ops_center_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Ops Center\");\n\n exit(0);\n}\n\ninclude('vcf_extras_oracle_em_ops_center.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\n\nvar constraints = [\n {'min_version': '12.2.2.0', 'max_version': '12.2.2.9999', 'uce_patch': '29215911', 'ui_patch': '29215902'},\n {'min_version': '12.3.3.0', 'max_version': '12.3.3.9999', 'uce_patch': '29215911', 'ui_patch': '29215902'}\n];\n\nvar app_info = vcf::oracle_em_ops_center::get_app_info();\n\nvcf::oracle_em_ops_center::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-13T14:23:46", "description": "The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities:\n\n - XML external entity (XXE) vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read arbitrary files or cause a denial of service (resource consumption) via vectors involving XmlVTI and the XML datatype.\n (CVE-2015-1832)\n\n - Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. (CVE-2018-1000180)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3.\n Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle WebLogic Server. (CVE-2019-2452)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3.\n Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. While the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. (CVE-2019-2418)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected is 10.3.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server.\n Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server.\n (CVE-2019-2395)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebLogic Server accessible data. (CVE-2019-2441)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Deployment). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3.\n Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. (CVE-2019-2398)\n\n - Legion of the Bouncy Castle Java Cryptography APIs versions prior to 1.60 are affected by CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') flaw in XMSS/XMSS^MT private key deserialization routines. This allows an attacker to force execution of arbitrary code. Successful attack could be conducted via usage of a handcrafted private key object with references to unexpected classes which allow malicious commands execution. (CVE-2018-1000613)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server.\n Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data. (CVE-2018-3246)\n\n - In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control. If the Derby Network Server is not running with a Java Security Manager policy file, the attack is successful.\n If the server is using a policy file, the policy file must permit the database location to be read for the attack to work.\n The default Derby Network Server policy file distributed with the affected releases includes a permissive policy as the default Network Server policy, which allows the attack to work.\n (CVE-2018-1313)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-17T00:00:00", "type": "nessus", "title": "Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-1832", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1313", "CVE-2018-3246", "CVE-2019-2395", "CVE-2019-2398", "CVE-2019-2418", "CVE-2019-2441", "CVE-2019-2452"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:weblogic_server"], "id": "ORACLE_WEBLOGIC_SERVER_CPU_JAN_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/121226", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121226);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2015-1832\",\n \"CVE-2018-1313\",\n \"CVE-2018-3246\",\n \"CVE-2018-1000180\",\n \"CVE-2018-1000613\",\n \"CVE-2019-2395\",\n \"CVE-2019-2398\",\n \"CVE-2019-2418\",\n \"CVE-2019-2441\",\n \"CVE-2019-2452\"\n );\n script_bugtraq_id(\n 93132,\n 104140,\n 105628,\n 106585,\n 106617\n );\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0025\");\n\n script_name(english:\"Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application server installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle WebLogic Server installed on the remote host is\naffected by multiple vulnerabilities:\n\n - XML external entity (XXE) vulnerability in the SqlXmlUtil code\n in Apache Derby before 10.12.1.1, when a Java Security Manager\n is not in place, allows context-dependent attackers to read\n arbitrary files or cause a denial of service (resource\n consumption) via vectors involving XmlVTI and the XML datatype.\n (CVE-2015-1832)\n\n - Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and\n earlier have a flaw in the Low-level interface to RSA key pair\n generator, specifically RSA Key Pairs generated in low-level API\n with added certainty may have less M-R tests than expected. This\n appears to be fixed in versions BC 1.60 beta 4 and later,\n BC-FJA 1.0.2 and later. (CVE-2018-1000180)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle\n Fusion Middleware (subcomponent: WLS Core Components). Supported\n versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3.\n Easily exploitable vulnerability allows high privileged attacker\n with network access via HTTP to compromise Oracle WebLogic\n Server. Successful attacks of this vulnerability can result in\n unauthorized creation, deletion or modification access to\n critical data or all Oracle WebLogic Server accessible data as\n well as unauthorized read access to a subset of Oracle WebLogic\n Server accessible data and unauthorized ability to cause a hang\n or frequently repeatable crash (complete DOS) of Oracle WebLogic\n Server. (CVE-2019-2452)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle\n Fusion Middleware (subcomponent: WLS Core Components). Supported\n versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3.\n Difficult to exploit vulnerability allows unauthenticated\n attacker with network access via T3 to compromise Oracle\n WebLogic Server. While the vulnerability is in Oracle WebLogic\n Server, attacks may significantly impact additional products.\n Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of Oracle\n WebLogic Server accessible data as well as unauthorized read\n access to a subset of Oracle WebLogic Server accessible data and\n unauthorized ability to cause a partial denial of service\n (partial DOS) of Oracle WebLogic Server. (CVE-2019-2418)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle\n Fusion Middleware (subcomponent: WLS - Web Services). The\n supported version that is affected is 10.3.6.0. Easily\n exploitable vulnerability allows low privileged attacker with\n network access via HTTP to compromise Oracle WebLogic Server.\n Successful attacks of this vulnerability can result in\n unauthorized read access to a subset of Oracle WebLogic Server\n accessible data and unauthorized ability to cause a partial\n denial of service (partial DOS) of Oracle WebLogic Server.\n (CVE-2019-2395)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle\n Fusion Middleware (subcomponent: Application Container - JavaEE). \n The supported version that is affected is 12.2.1.3. Easily\n exploitable vulnerability allows unauthenticated attacker\n with network access via HTTP to compromise Oracle WebLogic\n Server. Successful attacks of this vulnerability can result in\n unauthorized read access to a subset of Oracle WebLogic Server\n accessible data. (CVE-2019-2441)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle\n Fusion Middleware (subcomponent: WLS - Deployment). Supported\n versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3.\n Easily exploitable vulnerability allows low privileged attacker\n with network access via HTTP to compromise Oracle WebLogic\n Server. Successful attacks of this vulnerability can result in\n unauthorized update, insert or delete access to some of Oracle\n WebLogic Server accessible data. (CVE-2019-2398)\n\n - Legion of the Bouncy Castle Java Cryptography APIs versions prior\n to 1.60 are affected by CWE-470: Use of Externally-Controlled\n Input to Select Classes or Code ('Unsafe Reflection') flaw in\n XMSS/XMSS^MT private key deserialization routines. This allows\n an attacker to force execution of arbitrary code. Successful\n attack could be conducted via usage of a handcrafted private key\n object with references to unexpected classes which allow\n malicious commands execution. (CVE-2018-1000613)\n\n - Vulnerability in the Oracle WebLogic Server component of Oracle\n Fusion Middleware (subcomponent: WLS - Web Services). Supported\n versions that are affected are 12.1.3.0 and 12.2.1.3. Easily\n exploitable vulnerability allows unauthenticated attacker with\n network access via HTTP to compromise Oracle WebLogic Server.\n Successful attacks of this vulnerability can result in\n unauthorized access to critical data or complete access to all\n Oracle WebLogic Server accessible data. (CVE-2018-3246)\n\n - In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted\n network packet can be used to request the Derby Network Server\n to boot a database whose location and contents are under the\n user's control. If the Derby Network Server is not running with\n a Java Security Manager policy file, the attack is successful.\n If the server is using a policy file, the policy file must\n permit the database location to be read for the attack to work.\n The default Derby Network Server policy file distributed with\n the affected releases includes a permissive policy as the\n default Network Server policy, which allows the attack to work.\n (CVE-2018-1313)\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2019 Oracle\nCritical Patch Update advisory.\n\nRefer to Oracle for any additional patch instructions or\nmitigation options.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000613\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:weblogic_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_weblogic_server_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Oracle WebLogic Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"obj.inc\");\ninclude(\"spad_log_func.inc\");\n\napp_name = \"Oracle WebLogic Server\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nohome = install[\"Oracle Home\"];\nsubdir = install[\"path\"];\nversion = install[\"version\"];\n\nfix = NULL;\nfix_ver = NULL;\n\nspad_log(message:\"checking version [\" + version + \"]\");\n# individual security patches\nif (version =~ \"^12\\.2\\.1\\.3($|[^0-9])\")\n{\n fix_ver = \"12.2.1.3.190115\";\n fix = make_list(\"28710939\");\n}\nelse if (version =~ \"^12\\.1\\.3\\.\")\n{\n fix_ver = \"12.1.3.0.190115\";\n fix = make_list(\"28710923\");\n}\nelse if (version =~ \"^10\\.3\\.6\\.\")\n{\n fix_ver = \"10.3.6.0.190115\";\n fix = make_list(\"7HKN\"); # patchid is obtained from the readme and 10.3.6.x assets are different\n}\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n\nspad_log(message:\"checking fix [\" + obj_rep(fix) + \"]\");\nPATCHED=FALSE;\n\n# Iterate over the list of patches and check the install for the patchID\nforeach id (fix)\n{\n spad_log(message:\"Checking fix id: [\" + id +\"]\");\n if (install[id])\n {\n PATCHED=TRUE;\n break;\n }\n}\n\nVULN=FALSE;\nif (ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1)\n VULN=TRUE;\n\nif (PATCHED || !VULN)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n\nos = get_kb_item_or_exit(\"Host/OS\");\nif ('windows' >< tolower(os))\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n}\nelse port = 0;\n\nreport =\n '\\n Oracle Home : ' + ohome +\n '\\n Install path : ' + subdir +\n '\\n Version : ' + version +\n '\\n Fixes : ' + join(sep:\", \", fix);\n\nsecurity_report_v4(extra:report, severity:SECURITY_HOLE, port:port);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-17T23:19:42", "description": "The version of MySQL running on the remote host is 8.0.x prior to 8.0.15. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "MySQL 8.0.x < 8.0.15 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2019-04-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700631.PRM", "href": "https://www.tenable.com/plugins/nnm/700631", "sourceData": "Binary data 700631.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-17T23:19:45", "description": "The version of MySQL running on the remote host is 5.7.x prior to 5.7.25. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "MySQL 5.7.x < 5.7.25 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2019-04-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700628.PRM", "href": "https://www.tenable.com/plugins/nnm/700628", "sourceData": "Binary data 700628.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-01T15:09:33", "description": "The version of MySQL running on the remote host is 5.7.x prior to 5.7.25. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-17T00:00:00", "type": "nessus", "title": "MySQL 5.7.x < 5.7.25 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2420", "CVE-2019-2434", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2510", "CVE-2019-2528", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2532", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2022-10-05T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_7_25.NASL", "href": "https://www.tenable.com/plugins/nessus/121228", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121228);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/05\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-3123\",\n \"CVE-2019-2420\",\n \"CVE-2019-2434\",\n \"CVE-2019-2455\",\n \"CVE-2019-2481\",\n \"CVE-2019-2482\",\n \"CVE-2019-2503\",\n \"CVE-2019-2507\",\n \"CVE-2019-2510\",\n \"CVE-2019-2528\",\n \"CVE-2019-2529\",\n \"CVE-2019-2531\",\n \"CVE-2019-2532\",\n \"CVE-2019-2534\",\n \"CVE-2019-2537\"\n );\n script_bugtraq_id(\n 105758,\n 106619,\n 106626,\n 106627,\n 106628\n );\n\n script_name(english:\"MySQL 5.7.x < 5.7.25 Multiple Vulnerabilities (Jan 2019 CPU)\");\n script_summary(english:\"Checks the version of MySQL server.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.7.x prior to\n5.7.25. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nJanuary 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the\n 'Server: Replication' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to gain unauthorized access critical data or\n complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the\n 'Server: Optimizer' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the\n 'Server: PS' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to perform a denial of service attack.\n (CVE-2019-2482)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-25.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.7.25 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2534\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/17\");\n\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\n \"mysql_version.nasl\", \n \"mysql_login.nasl\", \n \"mysql_version_local.nasl\", \n \"mysql_win_installed.nbin\", \n \"macosx_mysql_installed.nbin\"\n );\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.7.0', 'fixed_version' : '5.7.25'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-04T14:39:43", "description": "The version of Oracle Application Testing Suite installed on the remote host is affected by multiple vulnerabilities : \n\n - Enterprise Manager Base Platform Agent Next Gen (Jython) component of Oracle Enterprise Manager Products Suite is easily exploited and can allow an unauthenticated attacker the ability to takeover the Enterprise Manager Base Platform. (CVE-2016-4000)\n\n - Enterprise Manager Base Platform Discovery Framework (OpenSSL) component of Oracle Enterprise Manager Products Suite is easily exploited and can allow an unauthenticated attacker the ability to cause a frequent crash (DoS) of the Enterprise Manager Base Platform. (CVE-2018-0732)\n\n - Enterprise Manager Ops Center Networking (OpenSSL) component of Oracle Enterprise Manager Products Suite is easily exploited and can allow an unauthenticated attacker the ability to cause a frequent crash (DoS) of the Enterprise Manager Ops Center Platform. (CVE-2018-0732)\n\n - Oracle Application Testing Suite Load Testing for Web Apps (Spring Framework) component of Oracle Enterprise Manager Products Suite is easily exploited and can allow an unauthenticated attacker the ability to takeover the Enterprise Manager Base Platform. (CVE-2018-1258)\n\n - Enterprise Manager Base Platform EM Console component is easily exploited by an unauthenticated attacker. Successful attacks can result in unauthorized update, insert, or delete access. (CVE-2018-3303)\n\n - Oracle Application Testing Suite Load Testing for Web Apps component is easily exploited by an unauthenticated attacker. Successful attacks can result in unauthorized update, insert, or delete access and a partial denial of service. (CVE-2018-3304)\n\n - Oracle Application Testing Suite Load Testing for Web Apps component is easily exploited by an unauthenticated attacker. Successful attacks can result in unauthorized update, insert, or delete access and a partial denial of service. (CVE-2018-3305)\n\n - Enterprise Manager for Virtualization Plug-In Lifecycle (jackson-databind) component of Oracle Enterprise Manager allows an unauthenticated attacker the ability to takeover Enterprise Manager for Virtualization. (CVE-2018-12023)\n\n - Enterprise Manager for Virtualization Plug-In Lifecycle (jackson-databind) component of Oracle Enterprise Manager allows an unauthenticated attacker the ability to takeover Enterprise Manager for Virtualization. (CVE-2018-14718)\n\n - Enterprise Manager Ops Center Networking (cURL) component of Oracle Enterprise Manager allows an unauthenticated attacker the ability to takeover Enterprise Manager Ops Center. (CVE-2018-1000300)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-01-21T00:00:00", "type": "nessus", "title": "Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2015-9251", "CVE-2016-4000", "CVE-2018-0732", "CVE-2018-1000300", "CVE-2018-12023", "CVE-2018-1258", "CVE-2018-14718", "CVE-2018-3303", "CVE-2018-3304", "CVE-2018-3305"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:application_testing_suite"], "id": "ORACLE_OATS_CPU_JAN_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/121257", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121257);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2015-9251\",\n \"CVE-2016-4000\",\n \"CVE-2018-0732\",\n \"CVE-2018-1258\",\n \"CVE-2018-3303\",\n \"CVE-2018-3304\",\n \"CVE-2018-3305\",\n \"CVE-2018-12023\",\n \"CVE-2018-14718\",\n \"CVE-2018-1000300\"\n );\n script_bugtraq_id(\n 104207,\n 104222,\n 104442,\n 105647,\n 105658,\n 105659,\n 106601,\n 106615,\n 106618\n );\n\n script_name(english:\"Oracle Application Testing Suite Multiple Vulnerabilities (Jan 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host has a web application installed that is affected by \nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Application Testing Suite installed on the\nremote host is affected by multiple vulnerabilities : \n\n - Enterprise Manager Base Platform Agent Next Gen (Jython) \n component of Oracle Enterprise Manager Products Suite is easily \n exploited and can allow an unauthenticated attacker the ability\n to takeover the Enterprise Manager Base Platform. (CVE-2016-4000)\n\n - Enterprise Manager Base Platform Discovery Framework (OpenSSL) \n component of Oracle Enterprise Manager Products Suite is easily \n exploited and can allow an unauthenticated attacker the ability\n to cause a frequent crash (DoS) of the Enterprise Manager Base \n Platform. (CVE-2018-0732)\n\n - Enterprise Manager Ops Center Networking (OpenSSL) component of\n Oracle Enterprise Manager Products Suite is easily exploited \n and can allow an unauthenticated attacker the ability to cause a \n frequent crash (DoS) of the Enterprise Manager Ops Center\n Platform. (CVE-2018-0732)\n\n - Oracle Application Testing Suite Load Testing for Web Apps \n (Spring Framework) component of Oracle Enterprise Manager \n Products Suite is easily exploited and can allow an \n unauthenticated attacker the ability to takeover the Enterprise \n Manager Base Platform. (CVE-2018-1258)\n\n - Enterprise Manager Base Platform EM Console component is easily \n exploited by an unauthenticated attacker. Successful attacks \n can result in unauthorized update, insert, or delete access. \n (CVE-2018-3303)\n\n - Oracle Application Testing Suite Load Testing for Web Apps\n component is easily exploited by an unauthenticated attacker. \n Successful attacks can result in unauthorized update, insert, or \n delete access and a partial denial of service. (CVE-2018-3304)\n\n - Oracle Application Testing Suite Load Testing for Web Apps\n component is easily exploited by an unauthenticated attacker. \n Successful attacks can result in unauthorized update, insert, or \n delete access and a partial denial of service. (CVE-2018-3305)\n\n - Enterprise Manager for Virtualization Plug-In Lifecycle \n (jackson-databind) component of Oracle Enterprise Manager \n allows an unauthenticated attacker the ability to takeover \n Enterprise Manager for Virtualization. (CVE-2018-12023)\n\n - Enterprise Manager for Virtualization Plug-In Lifecycle \n (jackson-databind) component of Oracle Enterprise Manager \n allows an unauthenticated attacker the ability to takeover \n Enterprise Manager for Virtualization. (CVE-2018-14718)\n\n - Enterprise Manager Ops Center Networking (cURL) component of \n Oracle Enterprise Manager allows an unauthenticated attacker the \n ability to takeover Enterprise Manager Ops Center. \n (CVE-2018-1000300)\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the January 2019 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14718\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:application_testing_suite\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_application_testing_suite_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Application Testing Suite\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"smb_func.inc\");\ninclude(\"install_func.inc\");\n\napp_name = \"Oracle Application Testing Suite\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nohome = install[\"Oracle Home\"];\nsubdir = install[\"path\"];\nversion = install[\"version\"];\n\nfix = NULL;\nfix_ver = NULL;\n\n# individual security patches\nif (version =~ \"^13\\.3\\.0\\.1\\.\")\n{\n fix_ver = \"13.3.0.1.301\";\n fix = \"29172225\";\n}\nelse if (version =~ \"^13\\.2\\.0\\.1\\.\")\n{\n fix_ver = \"13.2.0.1.240\";\n fix = \"29172233\";\n}\nelse if (version =~ \"^13\\.1\\.0\\.1\\.\")\n{\n fix_ver = \"13.1.0.1.427\";\n fix = \"29172239\";\n}\nelse \n{\n # flag all 12.5.0.3.x \n fix_ver = \"12.5.0.3.999999\";\n}\n\n# Vulnerble versions that need to patch\nif (ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1)\n{\n report =\n '\\n Oracle home : ' + ohome +\n '\\n Install path : ' + subdir +\n '\\n Version : ' + version;\n if (!isnull(fix)) \n {\n report += \n '\\n Required patch : ' + fix +\n '\\n';\n }\n else\n {\n report += \n '\\n Upgrade to 13.1.0.1 / 13.2.0.1 / 13.3.0.1 and apply the ' +\n 'appropriate patch according to the January 2019 Oracle ' +\n 'Critical Patch Update advisory.' +\n '\\n';\n }\n security_report_v4(extra:report, port:0, severity:SECURITY_HOLE);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-01T15:11:46", "description": "This update for mysql-community-server to version 5.6.43 fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-2534, CVE-2019-2529, CVE-2019-2482, CVE-2019-2455, CVE-2019-2503, CVE-2019-2537, CVE-2019-2481, CVE-2019-2507, CVE-2019-2531, CVE-2018-0734 (boo#1113652, boo#1122198)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-02-06T00:00:00", "type": "nessus", "title": "openSUSE Security Update : mysql-community-server (openSUSE-2019-138)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libmysql56client18", "p-cpe:/a:novell:opensuse:libmysql56client18-32bit", "p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo", "p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libmysql56client_r18", "p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit", "p-cpe:/a:novell:opensuse:mysql-community-server", "p-cpe:/a:novell:opensuse:mysql-community-server-bench", "p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo", "p-cpe:/a:novell:opensuse:mysql-community-server-client", "p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo", "p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo", "p-cpe:/a:novell:opensuse:mysql-community-server-debugsource", "p-cpe:/a:novell:opensuse:mysql-community-server-errormessages", "p-cpe:/a:novell:opensuse:mysql-community-server-test", "p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo", "p-cpe:/a:novell:opensuse:mysql-community-server-tools", "p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-138.NASL", "href": "https://www.tenable.com/plugins/nessus/121608", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-138.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121608);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-0734\", \"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2529\", \"CVE-2019-2531\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n\n script_name(english:\"openSUSE Security Update : mysql-community-server (openSUSE-2019-138)\");\n script_summary(english:\"Check for the openSUSE-2019-138 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for mysql-community-server to version 5.6.43 fixes the\nfollowing issues :\n\nSecurity issues fixed :\n\n - CVE-2019-2534, CVE-2019-2529, CVE-2019-2482,\n CVE-2019-2455, CVE-2019-2503, CVE-2019-2537,\n CVE-2019-2481, CVE-2019-2507, CVE-2019-2531,\n CVE-2018-0734 (boo#1113652, boo#1122198)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1113652\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1122198\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mysql-community-server packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysql56client18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysql56client18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysql56client18-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysql56client_r18\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libmysql56client_r18-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-bench-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-client\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-client-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-errormessages\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-test-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:mysql-community-server-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/02/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libmysql56client18-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libmysql56client18-debuginfo-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"libmysql56client_r18-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-bench-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-bench-debuginfo-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-client-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-client-debuginfo-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-debuginfo-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-debugsource-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-errormessages-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-test-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-test-debuginfo-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-tools-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"mysql-community-server-tools-debuginfo-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libmysql56client18-32bit-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libmysql56client18-debuginfo-32bit-5.6.43-45.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", cpu:\"x86_64\", reference:\"libmysql56client_r18-32bit-5.6.43-45.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libmysql56client18-32bit / libmysql56client18 / etc\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-17T23:09:35", "description": "Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.6.42, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see Oracle's Critical Patch Update advisory for further details. ", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-16T00:00:00", "type": "nessus", "title": "Oracle MySQL 5.6.x < 5.6.42 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700391.PRM", "href": "https://www.tenable.com/plugins/nnm/700391", "sourceData": "Binary data 700391.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-01T15:14:11", "description": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2455)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2537)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2529)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2481)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2507)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). (CVE-2019-2534)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).\n(CVE-2019-2503)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2531)\n\nVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2482)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-03-26T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : mysql56 (ALAS-2019-1178)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2020-02-03T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:mysql56", "p-cpe:/a:amazon:linux:mysql56-bench", "p-cpe:/a:amazon:linux:mysql56-common", "p-cpe:/a:amazon:linux:mysql56-debuginfo", "p-cpe:/a:amazon:linux:mysql56-devel", "p-cpe:/a:amazon:linux:mysql56-embedded", "p-cpe:/a:amazon:linux:mysql56-embedded-devel", "p-cpe:/a:amazon:linux:mysql56-errmsg", "p-cpe:/a:amazon:linux:mysql56-libs", "p-cpe:/a:amazon:linux:mysql56-server", "p-cpe:/a:amazon:linux:mysql56-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1178.NASL", "href": "https://www.tenable.com/plugins/nessus/123086", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1178.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123086);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/02/03\");\n\n script_cve_id(\"CVE-2019-2455\", \"CVE-2019-2481\", \"CVE-2019-2482\", \"CVE-2019-2503\", \"CVE-2019-2507\", \"CVE-2019-2529\", \"CVE-2019-2531\", \"CVE-2019-2534\", \"CVE-2019-2537\");\n script_xref(name:\"ALAS\", value:\"2019-1178\");\n\n script_name(english:\"Amazon Linux AMI : mysql56 (ALAS-2019-1178)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Vulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Parser). Supported versions that are affected\nare 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2455)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: DDL). Supported versions that are affected are\n5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows high privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2537)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2529)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2481)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Optimizer). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2507)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Replication). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows low privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\naccess to critical data or complete access to all MySQL Server\naccessible data as well as unauthorized update, insert or delete\naccess to some of MySQL Server accessible data. CVSS 3.0 Base Score\n7.1 (Confidentiality and Integrity impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). (CVE-2019-2534)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Connection Handling). Supported versions that\nare affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and\nprior. Difficult to exploit vulnerability allows low privileged\nattacker with access to the physical communication segment attached to\nthe hardware where the MySQL Server executes to compromise MySQL\nServer. Successful attacks of this vulnerability can result in\nunauthorized access to critical data or complete access to all MySQL\nServer accessible data and unauthorized ability to cause a hang or\nfrequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0\nBase Score 6.4 (Confidentiality and Availability impacts). CVSS\nVector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).\n(CVE-2019-2503)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: Replication). Supported versions that are\naffected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior.\nEasily exploitable vulnerability allows high privileged attacker with\nnetwork access via multiple protocols to compromise MySQL Server.\nSuccessful attacks of this vulnerability can result in unauthorized\nability to cause a hang or frequently repeatable crash (complete DOS)\nof MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS\nVector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).\n(CVE-2019-2531)\n\nVulnerability in the MySQL Server component of Oracle MySQL\n(subcomponent: Server: PS). Supported versions that are affected are\n5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily\nexploitable vulnerability allows low privileged attacker with network\naccess via multiple protocols to compromise MySQL Server. Successful\nattacks of this vulnerability can result in unauthorized ability to\ncause a hang or frequently repeatable crash (complete DOS) of MySQL\nServer. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:\n(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). (CVE-2019-2482)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1178.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update mysql56' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-bench\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-embedded\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-embedded-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-errmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:mysql56-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-bench-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-common-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-debuginfo-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-devel-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-embedded-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-embedded-devel-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-errmsg-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-libs-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-server-5.6.43-1.32.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"mysql56-test-5.6.43-1.32.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mysql56 / mysql56-bench / mysql56-common / mysql56-debuginfo / etc\");\n}\n", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-17T23:19:53", "description": "The version of MySQL running on the remote host is 5.6.x prior to 5.6.43. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-04-25T00:00:00", "type": "nessus", "title": "MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2019-04-25T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "700623.PRM", "href": "https://www.tenable.com/plugins/nnm/700623", "sourceData": "Binary data 700623.prm", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2023-02-01T15:09:16", "description": "The version of MySQL running on the remote host is 5.6.x prior to 5.6.43. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the 'Server: Replication' subcomponent could allow an low privileged attacker with network access via multiple protocols to gain unauthorized access critical data or complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the 'Server: Optimizer' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the 'Server: PS' subcomponent could allow an low privileged attacker with network access via multiple protocols to perform a denial of service attack.\n (CVE-2019-2482)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "baseScore": 7.1, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 4.2}, "published": "2019-01-17T00:00:00", "type": "nessus", "title": "MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 4.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-3123", "CVE-2019-2455", "CVE-2019-2481", "CVE-2019-2482", "CVE-2019-2503", "CVE-2019-2507", "CVE-2019-2529", "CVE-2019-2531", "CVE-2019-2534", "CVE-2019-2537"], "modified": "2022-10-05T00:00:00", "cpe": ["cpe:/a:oracle:mysql"], "id": "MYSQL_5_6_43.NASL", "href": "https://www.tenable.com/plugins/nessus/121227", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121227);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/10/05\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-3123\",\n \"CVE-2019-2455\",\n \"CVE-2019-2481\",\n \"CVE-2019-2482\",\n \"CVE-2019-2503\",\n \"CVE-2019-2507\",\n \"CVE-2019-2529\",\n \"CVE-2019-2531\",\n \"CVE-2019-2534\",\n \"CVE-2019-2537\"\n );\n script_bugtraq_id(\n 105758,\n 106619,\n 106626,\n 106628\n );\n\n script_name(english:\"MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU)\");\n script_summary(english:\"Checks the version of MySQL server.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of MySQL running on the remote host is 5.6.x prior to\n5.6.43. It is, therefore, affected by multiple vulnerabilities,\nincluding three of the top vulnerabilities below, as noted in the\nJanuary 2019 Critical Patch Update advisory:\n\n - An unspecified vulnerability in MySQL in the\n 'Server: Replication' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to gain unauthorized access critical data or\n complete access to all MySQL server data. (CVE-2019-2534)\n\n - An unspecified vulnerability in MySQL in the\n 'Server: Optimizer' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to perform a denial of service attack.\n (CVE-2019-2529)\n\n - An unspecified vulnerability in MySQL in the\n 'Server: PS' subcomponent could allow an low\n privileged attacker with network access via multiple\n protocols to perform a denial of service attack.\n (CVE-2019-2482)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-43.html\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to MySQL version 5.6.43 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-2534\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/17\");\n\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:mysql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\n \"mysql_version.nasl\", \n \"mysql_login.nasl\", \n \"mysql_version_local.nasl\", \n \"mysql_win_installed.nbin\", \n \"macosx_mysql_installed.nbin\"\n );\n script_require_keys(\"installed_sw/MySQL Server\");\n\n exit(0);\n}\n\ninclude('vcf_extras_mysql.inc');\n\nvar app_info = vcf::mysql::combined_get_app_info();\n\nvar constraints = [{ 'min_version' : '5.6.0', 'fixed_version' : '5.6.43'}];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);", "cvss": {"score": 5.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:N"}}, {"lastseen": "2021-12-23T02:29:32", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:\n\n - A deserialization vulnerability in Apache Commons FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack.\n An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734)\n\n - A denial of service (DoS) vulnerability exists in Apache HTTP Server 2.4.17 to 2.4.34, due to a design error. An unauthenticated, remote attacker can exploit this issue by sending continuous, large SETTINGS frames to cause a client to occupy a connection, server thread and CPU time without any connection timeout coming to effect.\n This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.\n (CVE-2018-11763).\n\n - Networking component of Enterprise Manager Base Platform (Spring Framework) is easily exploited and may allow an unauthenticated, remote attacker to takeover the Enterprise Manager Base Platform. (CVE-2018-1258)", "cvss3": {}, "published": "2019-05-15T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Ops Center (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-1000031", "CVE-2018-0161", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-5407", "CVE-2018-11763", "CVE-2017-9798", "CVE-2018-1258", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-1257", "CVE-2018-15756"], "modified": "2019-05-17T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager_ops_center"], "id": "ORACLE_ENTERPRISE_MANAGER_OPS_CENTER_APR_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/125147", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125147);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/05/17 9:44:17\");\n\n script_cve_id(\n \"CVE-2016-1000031\",\n \"CVE-2018-0161\",\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-5407\",\n \"CVE-2018-11763\",\n \"CVE-2017-9798\",\n \"CVE-2018-1258\",\n \"CVE-2018-11039\",\n \"CVE-2018-11040\",\n \"CVE-2018-1257\",\n \"CVE-2018-15756\"\n );\n\n script_bugtraq_id(\n 93604,\n 100872,\n 103573,\n 104222,\n 104260,\n 105414,\n 105703,\n 105750,\n 105758,\n 105897,\n 107984,\n 107986\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0130\");\n\n script_name(english:\"Oracle Enterprise Manager Ops Center (Apr 2019 CPU)\");\n script_summary(english:\"Checks for the patch ID.\");\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in\nEnterprise Manager Base Platform component:\n\n - A deserialization vulnerability in Apache Commons\n FileUpload allows for remote code execution.\n (CVE-2016-1000031)\n\n - An information disclosure vulnerability exists in OpenSSL\n due to the potential for a side-channel timing attack.\n An unauthenticated attacker can exploit this to disclose\n potentially sensitive information. (CVE-2018-0734)\n\n - A denial of service (DoS) vulnerability exists in Apache\n HTTP Server 2.4.17 to 2.4.34, due to a design error. An\n unauthenticated, remote attacker can exploit this issue\n by sending continuous, large SETTINGS frames to cause a\n client to occupy a connection, server thread and CPU\n time without any connection timeout coming to effect.\n This affects only HTTP/2 connections. A possible\n mitigation is to not enable the h2 protocol.\n (CVE-2018-11763).\n\n - Networking component of Enterprise Manager Base Platform\n (Spring Framework) is easily exploited and may allow an\n unauthenticated, remote attacker to takeover the\n Enterprise Manager Base Platform. (CVE-2018-1258)\n\n\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019\nOracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2016-1000031\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"agent\", value:\"unix\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager_ops_center\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_ops_center_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Ops Center\");\n\n exit(0);\n}\n\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('install_func.inc');\n\nget_kb_item_or_exit('Host/local_checks_enabled');\napp_name = 'Oracle Enterprise Manager Ops Center';\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nversion_full = install['Full Patch Version'];\npath = install['path'];\npatch_version = install['Patch Version'];\n\n\npatchid = NULL;\nfix = NULL;\n\nif (version_full =~ \"^12\\.3\\.3\\.\")\n{\n patchid = '29623885';\n fix = '1819';\n} \n\nif (isnull(patchid))\n audit(AUDIT_HOST_NOT, 'affected');\n\nif (ver_compare(ver:patch_version, fix:fix, strict:FALSE) != -1)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version_full, path);\n\nreport = \n '\\n Path : ' + path + \n '\\n Version : ' + version + \n '\\n Ops Agent Version : ' + version_full + \n '\\n Current Patch : ' + patch_version + \n '\\n Fixed Patch Version : ' + fix +\n '\\n Fix : ' + patchid;\n\nsecurity_report_v4(extra:report, severity:SECURITY_HOLE, port:0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:52:57", "description": "The version of Oracle HTTP Server installed on the remote host is affected by vulnerabilities as noted in the October 2018 CPU advisory:\n\n - A vulnerability exists in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener (curl)). The affected version is 12.2.1.3. This is a difficult to exploit vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. A successful attacks requires human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle HTTP Server. (CVE-2018-1000300) \n - A denial of service (DoS) vulnerability exists in curl due to Buffer Over-read. Affected versions are from curl version 7.20.0 to curl 7.59.0. The vulnerable component can be tricked into reading data beyond the end of the heap.\n An unauthenticated attacked with network access can exploit this issue to cause the application to stop responding.\n (CVE-2018-1000301)\n\n - A buffer over-read vulnerability exists in curl that could lead to information leakage. Affected versions are from 7.20.0 to curl 7.58.0. A vulnerability in the RTSP+RTP handling code could allows an attacker to cause a denial of service or information leakage. An unauthenticated attacked with network access can exploit this vulnerability to cause a denial of service (DoS) or to leak information from the vulnerable application.\n (CVE-2018-1000122)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-16T00:00:00", "type": "nessus", "title": "Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2018-1000300", "CVE-2018-1000301"], "modified": "2022-04-11T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:http_server"], "id": "ORACLE_HTTP_SERVER_CPU_OCT_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/124090", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124090);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/04/11\");\n\n script_cve_id(\n \"CVE-2018-1000120\",\n \"CVE-2018-1000121\",\n \"CVE-2018-1000122\",\n \"CVE-2018-1000300\",\n \"CVE-2018-1000301\"\n );\n script_bugtraq_id(\n 103414,\n 103415,\n 103436,\n 104207,\n 104225\n );\n\n script_name(english:\"Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (October 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle HTTP Server installed on the remote host is\naffected by vulnerabilities as noted in the October 2018 CPU advisory:\n\n - A vulnerability exists in the Oracle HTTP Server component\n of Oracle Fusion Middleware (subcomponent: Web Listener\n (curl)). The affected version is 12.2.1.3. This is a \n difficult to exploit vulnerability that allows an\n unauthenticated attacker with network access via HTTP to\n compromise Oracle HTTP Server. A successful attacks\n requires human interaction from a person other than the\n attacker. Successful attacks of this vulnerability can\n result in takeover of Oracle HTTP Server. (CVE-2018-1000300)\n \n - A denial of service (DoS) vulnerability exists in curl due\n to Buffer Over-read. Affected versions are from curl version\n 7.20.0 to curl 7.59.0. The vulnerable component can be\n tricked into reading data beyond the end of the heap.\n An unauthenticated attacked with network access can exploit\n this issue to cause the application to stop responding.\n (CVE-2018-1000301)\n\n - A buffer over-read vulnerability exists in curl that could lead to\n information leakage. Affected versions are from 7.20.0 to\n curl 7.58.0. A vulnerability in the RTSP+RTP handling code\n could allows an attacker to cause a denial of service or\n information leakage. An unauthenticated attacked with \n network access can exploit this vulnerability to cause\n a denial of service (DoS) or to leak information\n from the vulnerable application.\n (CVE-2018-1000122)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?705136d8\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the October 2018 Oracle Critical Patch Update advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000300\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:http_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Web Servers\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_http_server_installed.nbin\");\n script_require_keys(\"Oracle/OHS/Installed\");\n\n exit(0);\n}\n\ninclude('oracle_http_server_patch_func.inc');\n\nget_kb_item_or_exit('Oracle/OHS/Installed');\ninstall_list = get_kb_list_or_exit('Oracle/OHS/*/EffectiveVersion');\n\ninstall = branch(install_list, key:TRUE, value:TRUE);\n\npatches = make_array();\npatches['12.2.1.3'] = make_array('fix_ver', '12.2.1.3.180710', 'patch', '28281599');\n\noracle_http_server_check_vuln(\n install : install,\n min_patches : patches,\n severity : SECURITY_HOLE\n);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:18", "description": "According to its self-reported version number, the Oracle Primavera Unifier installation running on the remote web server is 16.x prior to 16.2.15.6 or 17.x prior to 17.12.9.2 or 18.x prior to 18.8.4.1. It is, therefore, affected by multiple vulnerabilities:\n\n - An arbitrary file upload vulnerability exists in Blueimp jQuery-File-Upload. An unauthenticated, remote attacker can exploit this to upload arbitrary files on the remote host subject to the privileges of the user.\n\n - A remote command execution vulnerability exists in jackson-databind due to a failure to block various classes from polymorphic deserialization. An unauthenticated, remote attacker can exploit this to execute arbitrary code. (CVE-2018-14718, CVE-2018-14719 CVE-2018-14720, CVE-2018-14721)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-01-18T00:00:00", "type": "nessus", "title": "Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-9206"], "modified": "2022-05-24T00:00:00", "cpe": ["cpe:/a:oracle:primavera_unifier"], "id": "ORACLE_PRIMAVERA_UNIFIER_CPU_JAN_2019.NASL", "href": "https://www.tenable.com/plugins/nessus/121251", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121251);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/24\");\n\n script_cve_id(\n \"CVE-2018-9206\",\n \"CVE-2018-14718\",\n \"CVE-2018-14719\",\n \"CVE-2018-14720\",\n \"CVE-2018-14721\"\n );\n\n script_name(english:\"Oracle Primavera Unifier Multiple Vulnerabilities (Jan 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application running on the remote web server is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its self-reported version number, the Oracle Primavera\nUnifier installation running on the remote web server is 16.x prior to\n16.2.15.6 or 17.x prior to 17.12.9.2 or 18.x prior to 18.8.4.1. It is, \ntherefore, affected by multiple vulnerabilities:\n\n - An arbitrary file upload vulnerability exists in Blueimp\n jQuery-File-Upload. An unauthenticated, remote attacker \n can exploit this to upload arbitrary files on the remote \n host subject to the privileges of the user.\n\n - A remote command execution vulnerability exists in\n jackson-databind due to a failure to block various\n classes from polymorphic deserialization. An \n unauthenticated, remote attacker can exploit this to\n execute arbitrary code. (CVE-2018-14718, CVE-2018-14719\n CVE-2018-14720, CVE-2018-14721)\n\nNote that Nessus has not tested for these issues but has instead\nrelied only on the application's self-reported version number.\");\n # https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?799b2d05\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Oracle Primavera Unifier version 16.2.15.6 / 17.12.9.2 / 18.8.4.1 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:F/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:F/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-9206\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-14721\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"d2_elliot_name\", value:\"jQuery File Upload\");\n script_set_attribute(attribute:\"exploit_framework_d2_elliot\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'blueimps jQuery (Arbitrary) File Upload');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n script_set_attribute(attribute:\"exploit_framework_canvas\", value:\"true\");\n script_set_attribute(attribute:\"canvas_package\", value:\"CANVAS\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:primavera_unifier\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_primavera_unifier.nbin\");\n script_require_keys(\"installed_sw/Oracle Primavera Unifier\", \"www/weblogic\");\n script_require_ports(\"Services/www\", 8002);\n\n exit(0);\n}\n\ninclude(\"http.inc\");\ninclude(\"vcf.inc\");\n\nget_install_count(app_name:\"Oracle Primavera Unifier\", exit_if_zero:TRUE);\n\nport = get_http_port(default:8002);\nget_kb_item_or_exit(\"www/weblogic/\" + port + \"/installed\");\n\napp_info = vcf::get_app_info(app:\"Oracle Primavera Unifier\", port:port);\n\nvcf::check_granularity(app_info:app_info, sig_segments:3);\n\nconstraints = [\n { \"min_version\" : \"16.1.0.0\", \"fixed_version\" : \"16.2.15.6\" },\n { \"min_version\" : \"17.1.0.0\", \"fixed_version\" : \"17.12.9.2\" },\n { \"min_version\" : \"18.8.0.0\", \"fixed_version\" : \"18.8.4.1\" }\n];\n\nvcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE); \n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:47:32", "description": "The version of Oracle Secure Global Desktop installed on the remote host is 5.3 / 5.4 and is missing a security patch from the July 2018 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities:\n\n - curl version curl 7.54.1 to and including curl 7.59.0 contains a Heap-based Buffer Overflow vulnerability in FTP connection closing down functionality which can lead to DoS and RCE conditions. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0. (CVE-2018-1000300)\n\n - Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. It was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to unauthorized users. (CVE-2018-1305)\n\n - ASN.1 types with a recursive definition could exceed the stack given malicious input with excessive recursion. This could result in a Denial Of Service attack. Fixed in OpenSSL 1.1.0h (Affected 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).\n (CVE-2018-0739)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-07-25T00:00:00", "type": "nessus", "title": "Oracle Secure Global Desktop Multiple Vulnerabilities (July 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-3738", "CVE-2018-0733", "CVE-2018-0739", "CVE-2018-1000120", "CVE-2018-1000121", "CVE-2018-1000122", "CVE-2018-1000300", "CVE-2018-1000301", "CVE-2018-1304", "CVE-2018-1305"], "modified": "2021-10-25T00:00:00", "cpe": ["cpe:/a:oracle:virtualization_secure_global_desktop"], "id": "ORACLE_SECURE_GLOBAL_DESKTOP_JUL_2018_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/111333", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(111333);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/25\");\n\n script_cve_id(\n \"CVE-2017-3738\",\n \"CVE-2018-0733\",\n \"CVE-2018-0739\",\n \"CVE-2018-1304\",\n \"CVE-2018-1305\",\n \"CVE-2018-1000120\",\n \"CVE-2018-1000121\",\n \"CVE-2018-1000122\",\n \"CVE-2018-1000300\",\n \"CVE-2018-1000301\"\n );\n script_bugtraq_id(\n 102118,\n 103144,\n 103170,\n 103414,\n 103415,\n 103436,\n 103517,\n 103518,\n 104207,\n 104225\n );\n\n script_name(english:\"Oracle Secure Global Desktop Multiple Vulnerabilities (July 2018 CPU)\");\n script_summary(english:\"Checks the version of Oracle Secure Global Desktop.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application installed on the remote host is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Secure Global Desktop installed on the remote\nhost is 5.3 / 5.4 and is missing a security patch from the July 2018\nCritical Patch Update (CPU). It is, therefore, affected by multiple\nvulnerabilities:\n\n - curl version curl 7.54.1 to and including curl 7.59.0 contains a \n Heap-based Buffer Overflow vulnerability in FTP connection closing\n down functionality which can lead to DoS and RCE conditions. This \n vulnerability appears to have been fixed in curl < 7.54.1 and \n curl >= 7.60.0. (CVE-2018-1000300)\n\n - Security constraints defined by annotations of Servlets in Apache \n Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and \n 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. \n It was possible - depending on the order Servlets were loaded - for \n some security constraints not to be applied. This could have exposed \n resources to unauthorized users. (CVE-2018-1305)\n\n - ASN.1 types with a recursive definition could exceed the stack \n given malicious input with excessive recursion. This could result \n in a Denial Of Service attack. Fixed in OpenSSL 1.1.0h (Affected \n 1.1.0-1.1.0g). Fixed in OpenSSL 1.0.2o (Affected 1.0.2b-1.0.2n).\n (CVE-2018-0739)\");\n # https://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html#AppendixOVIR\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d4c9a415\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the July 2018 Oracle\nCritical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000300\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/05/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/07/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:virtualization_secure_global_desktop\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_secure_global_desktop_installed.nbin\");\n script_require_keys(\"Host/Oracle_Secure_Global_Desktop/Version\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\n\napp = 'Oracle Secure Global Desktop';\nversion = get_kb_item_or_exit('Host/Oracle_Secure_Global_Desktop/Version');\n\n# this check is for Oracle Secure Global Desktop packages built for Linux platform\nuname = get_kb_item_or_exit('Host/uname');\nif ('Linux' >!< uname) audit(AUDIT_OS_NOT, 'Linux');\n\nfix_required = NULL;\n\nif (version =~ \"^5\\.30($|\\.)\")\n fix_required = make_list('Patch_53p5');\nelse if (version =~ \"^5\\.40($|\\.)\")\n fix_required = make_list('Patch_54p1', 'Patch_54p2', 'Patch_54p3');\n\nif (isnull(fix_required)) audit(AUDIT_INST_VER_NOT_VULN, 'Oracle Secure Global Desktop', version);\n\npatches = get_kb_list('Host/Oracle_Secure_Global_Desktop/Patches');\n\npatched = FALSE;\nforeach patch (patches)\n{\n foreach fix (fix_required)\n {\n if (patch == fix)\n {\n patched = TRUE;\n break;\n }\n }\n if (patched) break;\n}\n\nif (patched) audit(AUDIT_INST_VER_NOT_VULN, app, version + ' (with ' + patch + ')');\n\n\nreport = '\\n Installed version : ' + version +\n '\\n Patch required : ' + fix_required[0] +\n '\\n';\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_HOLE);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-04T14:51:20", "description": "Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2018-12-01T00:00:00", "type": "nessus", "title": "Debian DSA-4348-1 : openssl - security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0732", "CVE-2018-0734", "CVE-2018-0735", "CVE-2018-0737", "CVE-2018-5407"], "modified": "2020-06-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:openssl", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4348.NASL", "href": "https://www.tenable.com/plugins/nessus/119313", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4348. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119313);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/18\");\n\n script_cve_id(\"CVE-2018-0732\", \"CVE-2018-0734\", \"CVE-2018-0735\", \"CVE-2018-0737\", \"CVE-2018-5407\");\n script_xref(name:\"DSA\", value:\"4348\");\n\n script_name(english:\"Debian DSA-4348-1 : openssl - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Several local side channel attacks and a denial of service via large\nDiffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets\nLayer toolkit.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/openssl\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2018/dsa-4348\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the openssl packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 1.1.0j-1~deb9u1. Going forward, openssl security updates\nfor stretch will be based on the 1.1.0x upstream releases.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-0737\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libcrypto1.1-udeb\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-dev\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl-doc\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libssl1.1-udeb\", reference:\"1.1.0j-1~deb9u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"openssl\", reference:\"1.1.0j-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:50:53", "description": "Several deserialization flaws were discovered in jackson-databind, a fast and powerful JSON library for Java, which could allow an unauthenticated user to perform code execution. The issue was resolved by extending the blacklist and blocking more classes from polymorphic deserialization.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "CHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 10.0, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 6.0}, "published": "2019-03-05T00:00:00", "type": "nessus", "title": "Debian DLA-1703-1 : jackson-databind security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libjackson2-databind-java", "p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1703.NASL", "href": "https://www.tenable.com/plugins/nessus/122603", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1703-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122603);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\");\n\n script_name(english:\"Debian DLA-1703-1 : jackson-databind security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several deserialization flaws were discovered in jackson-databind, a\nfast and powerful JSON library for Java, which could allow an\nunauthenticated user to perform code execution. The issue was resolved\nby extending the blacklist and blocking more classes from polymorphic\ndeserialization.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n2.4.2-2+deb8u5.\n\nWe recommend that you upgrade your jackson-databind packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/jackson-databind\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjackson2-databind-java-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java\", reference:\"2.4.2-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.4.2-2+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-04T14:43:58", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:\n\n - Networking component of Enterprise Manager Base Platform (Spring Framework) is easily exploited and may allow an unauthenticated, remote attacker to takeover the Enterprise Manager Base Platform.\n (CVE-2018-1258, CVE-2018-11039, CVE-2018-11040, CVE-2018-1257, CVE-2018-15756)\n\n - Agent Next Gen (IBM Java) vulnerability allows unauthenticated, remote attacker unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data. (CVE-2018-1656, CVE-2018-12539)\n\n - An information disclosure vulnerability exists in OpenSSL due to the potential for a side-channel timing attack. An unauthenticated attacker can exploit this to disclose potentially sensitive information. (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-04-18T00:00:00", "type": "nessus", "title": "Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-0734", "CVE-2018-0735", "CVE-2018-11039", "CVE-2018-11040", "CVE-2018-12539", "CVE-2018-1257", "CVE-2018-1258", "CVE-2018-15756", "CVE-2018-1656", "CVE-2018-5407"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:oracle:enterprise_manager"], "id": "ORACLE_ENTERPRISE_MANAGER_APR_2019_CPU.NASL", "href": "https://www.tenable.com/plugins/nessus/124157", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124157);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\n \"CVE-2018-0734\",\n \"CVE-2018-0735\",\n \"CVE-2018-1257\",\n \"CVE-2018-1258\",\n \"CVE-2018-1656\",\n \"CVE-2018-5407\",\n \"CVE-2018-11039\",\n \"CVE-2018-11040\",\n \"CVE-2018-12539\",\n \"CVE-2018-15756\"\n );\n script_bugtraq_id(\n 104222,\n 104260,\n 105118,\n 105126,\n 105703,\n 105750,\n 105758,\n 105897\n );\n script_xref(name:\"IAVA\", value:\"2019-A-0130\");\n script_xref(name:\"CEA-ID\", value:\"CEA-2021-0004\");\n\n script_name(english:\"Oracle Enterprise Manager Cloud Control (Apr 2019 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An enterprise management application installed on the remote host is\naffected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle Enterprise Manager Cloud Control installed on\nthe remote host is affected by multiple vulnerabilities in\nEnterprise Manager Base Platform component:\n\n - Networking component of Enterprise Manager Base Platform (Spring Framework)\n is easily exploited and may allow an unauthenticated, remote attacker to takeover\n the Enterprise Manager Base Platform.\n (CVE-2018-1258, CVE-2018-11039, CVE-2018-11040, CVE-2018-1257, CVE-2018-15756)\n\n - Agent Next Gen (IBM Java) vulnerability allows unauthenticated, remote attacker\n unauthorized access to critical data or complete access to all Enterprise Manager\n Base Platform accessible data. (CVE-2018-1656, CVE-2018-12539)\n\n - An information disclosure vulnerability exists in OpenSSL due to the potential\n for a side-channel timing attack. An unauthenticated attacker can exploit\n this to disclose potentially sensitive information. \n (CVE-2018-0734, CVE-2018-0735, CVE-2018-5407)\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9166970d\");\n # https://support.oracle.com/rs?type=doc&id=2498664.1\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ba7181fa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2019\nOracle Critical Patch Update advisory.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1258\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/18\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:enterprise_manager\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_enterprise_manager_installed.nbin\");\n script_require_keys(\"installed_sw/Oracle Enterprise Manager Cloud Control\");\n\n exit(0);\n}\n\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('oracle_rdbms_cpu_func.inc');\ninclude('install_func.inc');\n\nproduct = 'Oracle Enterprise Manager Cloud Control';\ninstall = get_single_install(app_name:product, exit_if_unknown_ver:TRUE);\nversion = install['version'];\nemchome = install['path'];\n\npatchid = NULL;\nmissing = NULL;\npatched = FALSE;\nfix = NULL;\n\nif (version =~ '^13\\\\.3\\\\.0\\\\.0(\\\\.[0-9]+)?$')\n{\n patchid = '29433931';\n fix = '13.3.0.0.190416';\n}\nelse if (version =~ '^13\\\\.2\\\\.0\\\\.0(\\\\.[0-9]+)?$')\n{\n patchid = '29433916';\n fix = '13.2.0.0.190416';\n}\nelse if (version =~ '^12\\\\.1\\\\.0\\\\.5(\\\\.[0-9]+)?$')\n{\n patchid = '29433895';\n fix = '12.1.0.5.190416';\n}\n\nif (isnull(patchid))\n audit(AUDIT_HOST_NOT, 'affected');\n\n# compare version to check if we've already adjusted for patch level during detection\nif (ver_compare(ver:version, fix:fix, strict:FALSE) >= 0)\n audit(AUDIT_INST_PATH_NOT_VULN, product, version, emchome);\n\n# Now look for the affected components\npatchesinstalled = find_patches_in_ohomes(ohomes:make_list(emchome));\nif (isnull(patchesinstalled))\n missing = patchid;\nelse\n{\n foreach applied (keys(patchesinstalled[emchome]))\n {\n if (applied == patchid)\n {\n patched = TRUE;\n break;\n }\n else\n {\n foreach bugid (patchesinstalled[emchome][applied]['bugs'])\n {\n if (bugid == patchid)\n {\n patched = TRUE;\n break;\n }\n }\n if (patched) break;\n }\n }\n if (!patched)\n missing = patchid;\n}\n\nif (empty_or_null(missing))\n audit(AUDIT_HOST_NOT, 'affected');\n\norder = make_list('Product', 'Version', 'Missing patch');\nreport = make_array(\n order[0], product,\n order[1], version,\n order[2], patchid\n);\nreport = report_items_str(report_items:report, ordered_fields:order);\n\nsecurity_report_v4(port:0, extra:report, severity:SECURITY_WARNING);\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:23:00", "description": "Multiple security issues were found in jackson-databind, a Java library to parse JSON and other data formats which could result in information disclosure or the execution of arbitrary code.", "cvss3": {}, "published": "2019-05-28T00:00:00", "type": "nessus", "title": "Debian DSA-4452-1 : jackson-databind - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-14718", "CVE-2018-14719", "CVE-2018-14720", "CVE-2018-14721", "CVE-2018-19360", "CVE-2018-19361", "CVE-2018-19362", "CVE-2019-12086"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:jackson-databind", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4452.NASL", "href": "https://www.tenable.com/plugins/nessus/125416", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4452. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125416);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2018-11307\", \"CVE-2018-12022\", \"CVE-2018-12023\", \"CVE-2018-14718\", \"CVE-2018-14719\", \"CVE-2018-14720\", \"CVE-2018-14721\", \"CVE-2018-19360\", \"CVE-2018-19361\", \"CVE-2018-19362\", \"CVE-2019-12086\");\n script_xref(name:\"DSA\", value:\"4452\");\n\n script_name(english:\"Debian DSA-4452-1 : jackson-databind - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple security issues were found in jackson-databind, a Java\nlibrary to parse JSON and other data formats which could result in\ninformation disclosure or the execution of arbitrary code.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/jackson-databind\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?61134ddf\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/jackson-databind\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4452\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the jackson-databind packages.\n\nFor the stable distribution (stretch), these problems have been fixed\nin version 2.8.6-1+deb9u5.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-19362\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:jackson-databind\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java\", reference:\"2.8.6-1+deb9u5\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libjackson2-databind-java-doc\", reference:\"2.8.6-1+deb9u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:50", "description": "The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by multiple vulnerabilities in Enterprise Manager Base Platform component:\n\n - A remote code execution vulnerability exists in Jython before 2.7.1rc1.\n An unauthenticated, remote attacker can exploit this by sending a serialized function to the deserializer.\n (CVE-2016-4000)\n\n - A denial of service (DoS) vulnerability exists in OpenSSL due to the client spending long periods of time generating a key from large prime values. A malicious remote server can exploit this issue via sending a very large prime value to the clients, resulting in a hang until the client has finished generating the key.\n (CVE-2018-0732)", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV: