{"cve": [{"lastseen": "2021-02-02T05:59:46", "description": "Heap-based buffer overflow in the proxy_connect function in src/client.c in CVS 1.11 and 1.12 allows remote HTTP proxy servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTTP response.", "edition": 4, "cvss3": {}, "published": "2012-05-29T20:55:00", "title": "CVE-2012-0804", "type": "cve", "cwe": ["CWE-119"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-0804"], "modified": "2018-01-18T02:29:00", "cpe": ["cpe:/a:cvs:cvs:1.11", "cpe:/a:cvs:cvs:1.12"], "id": "CVE-2012-0804", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-0804", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:cvs:cvs:1.11:*:*:*:*:*:*:*", "cpe:2.3:a:cvs:cvs:1.12:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-08T23:34:41", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "It was discovered that cvs incorrectly handled certain responses from \nproxy servers. 
If a user were tricked into connecting to a malicious proxy \nserver, a remote attacker could cause cvs to crash, or possibly execute \narbitrary code.", "edition": 5, "modified": "2012-02-22T00:00:00", "published": "2012-02-22T00:00:00", "id": "USN-1371-1", "href": "https://ubuntu.com/security/notices/USN-1371-1", "title": "cvs vulnerability", "type": "ubuntu", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "centos": [{"lastseen": "2020-10-30T13:21:58", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "**CentOS Errata and Security Advisory** CESA-2012:0321\n\n\nConcurrent Version System (CVS) is a version control system that can record\nthe history of your files.\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. A malicious HTTP proxy could use this\nflaw to cause the CVS client to crash or, possibly, execute arbitrary code\nwith the privileges of the user running the CVS client. (CVE-2012-0804)\n\nAll users of cvs are advised to upgrade to these updated packages, which\ncontain a patch to correct this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2012-February/030491.html\nhttp://lists.centos.org/pipermail/centos-cr-announce/2013-January/006526.html\n\n**Affected packages:**\ncvs\ncvs-inetd\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2012-0321.html", "edition": 89, "modified": "2013-01-11T13:17:41", "published": "2012-02-22T14:28:34", "href": "http://lists.centos.org/pipermail/centos-announce/2012-February/030491.html", "id": "CESA-2012:0321", "title": "cvs security update", "type": "centos", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2019-05-30T02:22:20", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory 
DSA-2407-1 security@debian.org\nhttp://www.debian.org/security/ Florian Weimer\nFebruary 09, 2012 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : cvs\nVulnerability : heap overflow\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2012-0804\n\nIt was discovered that a malicious CVS server could cause a heap\noverflow in the CVS client, potentially allowing the server to execute\narbitrary code on the client.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.12.13-12+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:1.12.13+real-7.\n\nWe recommend that you upgrade your cvs packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: http://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 2, "modified": "2012-02-09T13:05:53", "published": "2012-02-09T13:05:53", "id": "DEBIAN:DSA-2407-1:DB9C1", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2012/msg00034.html", "title": "[SECURITY] [DSA 2407-1] cvs security update", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2019-08-13T18:45:02", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "Concurrent Version System (CVS) is a version control system that can record\nthe history of your files.\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. A malicious HTTP proxy could use this\nflaw to cause the CVS client to crash or, possibly, execute arbitrary code\nwith the privileges of the user running the CVS client. 
(CVE-2012-0804)\n\nAll users of cvs are advised to upgrade to these updated packages, which\ncontain a patch to correct this issue.\n", "modified": "2018-06-06T20:24:19", "published": "2012-02-21T05:00:00", "id": "RHSA-2012:0321", "href": "https://access.redhat.com/errata/RHSA-2012:0321", "type": "redhat", "title": "(RHSA-2012:0321) Moderate: cvs security update", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:46", "bulletinFamily": "software", "cvelist": ["CVE-2012-0804"], "description": "Heap buffer overflow on server response parsing.", "edition": 1, "modified": "2012-02-12T00:00:00", "published": "2012-02-12T00:00:00", "id": "SECURITYVULNS:VULN:12177", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:12177", "title": "CVS client buffer overflow", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-08-31T11:10:43", "bulletinFamily": "software", "cvelist": ["CVE-2012-0804"], "description": "-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA1\r\n\r\n- -------------------------------------------------------------------------\r\nDebian Security Advisory DSA-2407-1 security@debian.org\r\nhttp://www.debian.org/security/ Florian Weimer\r\nFebruary 09, 2012 http://www.debian.org/security/faq\r\n- -------------------------------------------------------------------------\r\n\r\nPackage : cvs\r\nVulnerability : heap overflow\r\nProblem type : remote\r\nDebian-specific: no\r\nCVE ID : CVE-2012-0804\r\n\r\nIt was discovered that a malicious CVS server could cause a heap\r\noverflow in the CVS client, potentially allowing the server to execute\r\narbitrary code on the client.\r\n\r\nFor the stable distribution (squeeze), this problem has been fixed in\r\nversion 1:1.12.13-12+squeeze1.\r\n\r\nFor the unstable distribution (sid), this problem has been fixed in\r\nversion 2:1.12.13+real-7.\r\n\r\nWe recommend 
that you upgrade your cvs packages.\r\n\r\nFurther information about Debian Security Advisories, how to apply\r\nthese updates to your system and frequently asked questions can be\r\nfound at: http://www.debian.org/security/\r\n\r\nMailing list: debian-security-announce@lists.debian.org\r\n", "edition": 1, "modified": "2012-02-12T00:00:00", "published": "2012-02-12T00:00:00", "id": "SECURITYVULNS:DOC:27629", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:27629", "title": "[SECURITY] [DSA 2407-1] cvs security update", "type": "securityvulns", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "amazon": [{"lastseen": "2020-11-10T12:34:48", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "**Issue Overview:**\n\nA heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. 
([CVE-2012-0804 __](<https://access.redhat.com/security/cve/CVE-2012-0804>))\n\n \n**Affected Packages:** \n\n\ncvs\n\n \n**Issue Correction:** \nRun _yum update cvs_ to update your system.\n\n \n\n\n**New Packages:**\n \n \n i686: \n cvs-debuginfo-1.11.23-11.6.amzn1.i686 \n cvs-1.11.23-11.6.amzn1.i686 \n \n src: \n cvs-1.11.23-11.6.amzn1.src \n \n x86_64: \n cvs-1.11.23-11.6.amzn1.x86_64 \n cvs-debuginfo-1.11.23-11.6.amzn1.x86_64 \n \n \n", "edition": 4, "modified": "2012-03-04T16:12:00", "published": "2012-03-04T16:12:00", "id": "ALAS-2012-051", "href": "https://alas.aws.amazon.com/ALAS-2012-51.html", "title": "Medium: cvs", "type": "amazon", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2017-01-19T20:59:34", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "edition": 1, "description": "### Background\n\nCVS (Concurrent Versions System) is an open-source network-transparent version control system. It contains both a client utility and a server. \n\n### Description\n\nA heap-based buffer overflow was discovered in the proxy_connect function in src/client.c in CVS. \n\n### Impact\n\nAn attacker, utilizing a remote HTTP proxy server, could cause a Denial of Service condition or possibly execute arbitrary code via a crafted HTTP response. 
\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll CVS users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=dev-vcs/cvs-1.12.12-r11\"", "modified": "2017-01-19T00:00:00", "published": "2017-01-19T00:00:00", "href": "https://security.gentoo.org/glsa/201701-44", "id": "GLSA-201701-44", "title": "CVS: Heap-based overflow", "type": "gentoo", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "openvas": [{"lastseen": "2018-01-02T10:57:05", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Check for the Version of cvs", "modified": "2018-01-02T00:00:00", "published": "2012-04-02T00:00:00", "id": "OPENVAS:863893", "href": "http://plugins.openvas.org/nasl.php?oid=863893", "type": "openvas", "title": "Fedora Update for cvs FEDORA-2012-1383", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cvs FEDORA-2012-1383\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"CVS (Concurrent Versions System) is a version control system that can\n record the history of your files (usually, but not always, source\n code). CVS only stores the differences between versions, instead of\n every version of every file you have ever created. CVS also keeps a log\n of who, when, and why changes occurred.\n\n CVS is very helpful for managing releases and controlling the\n concurrent editing of source files among multiple authors. Instead of\n providing version control for a collection of files in a single\n directory, CVS provides version control for a hierarchical collection\n of directories consisting of revision controlled files. 
These\n directories and files can then be combined together to form a software\n release.\";\n\ntag_affected = \"cvs on Fedora 16\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-February/073326.html\");\n script_id(863893);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8267 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-02 07:29:17 +0100 (Tue, 02 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-04-02 12:30:19 +0530 (Mon, 02 Apr 2012)\");\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name: \"FEDORA\", value: \"2012-1383\");\n script_name(\"Fedora Update for cvs FEDORA-2012-1383\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cvs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC16\")\n{\n\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.23~22.fc16\", rls:\"FC16\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:37:00", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Oracle Linux Local Security Checks ELSA-2012-0321", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123983", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123983", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0321", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0321.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123983\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:11:10 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0321\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0321 - cvs security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0321\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0321.html\");\n script_cve_id(\"CVE-2012-0804\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux(5|6)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.22~11.el5_8.1\", 
rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"cvs-inetd\", rpm:\"cvs-inetd~1.11.22~11.el5_8.1\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.23~11.el6_2.1\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:39:15", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1371-1", "modified": "2019-03-13T00:00:00", "published": "2012-03-09T00:00:00", "id": "OPENVAS:1361412562310840906", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310840906", "type": "openvas", "title": "Ubuntu Update for cvs USN-1371-1", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1371_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for cvs USN-1371-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1371-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.840906\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-09 18:53:01 +0530 (Fri, 09 Mar 2012)\");\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name:\"USN\", value:\"1371-1\");\n script_name(\"Ubuntu Update for cvs USN-1371-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(10\\.10|10\\.04 LTS|11\\.04)\");\n script_tag(name:\"summary\", value:\"Ubuntu Update for Linux kernel vulnerabilities USN-1371-1\");\n script_tag(name:\"affected\", value:\"cvs on Ubuntu 11.04,\n Ubuntu 10.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"It was discovered that cvs incorrectly handled certain responses from\n proxy servers. 
If a user were tricked into connecting to a malicious proxy\n server, a remote attacker could cause cvs to crash, or possibly execute\n arbitrary code.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cvs\", ver:\"1:1.12.13-12ubuntu1.10.10.1\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cvs\", ver:\"1:1.12.13-12ubuntu1.10.04.1\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"cvs\", ver:\"1:1.12.13-12ubuntu1.11.04.1\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2017-07-24T12:51:01", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "The remote host is missing an update to cvs\nannounced via advisory DSA 2407-1.", "modified": "2017-07-07T00:00:00", "published": "2012-02-12T00:00:00", "id": "OPENVAS:70726", "href": "http://plugins.openvas.org/nasl.php?oid=70726", "type": "openvas", "title": "Debian Security Advisory DSA 2407-1 (cvs)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2407_1.nasl 6612 2017-07-07 12:08:03Z cfischer $\n# Description: Auto-generated from advisory DSA 2407-1 (cvs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that a malicious CVS server could cause a heap\noverflow in the CVS client, potentially allowing the server to execute\narbitrary code on the client.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.12.13-12+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:1.12.13+real-7.\n\nWe recommend that you upgrade your cvs packages.\";\ntag_summary = \"The remote host is missing an update to cvs\nannounced via advisory DSA 2407-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202407-1\";\n\nif(description)\n{\n script_id(70726);\n script_cve_id(\"CVE-2012-0804\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 6612 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:08:03 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:40:50 -0500 (Sun, 12 Feb 2012)\");\n 
script_name(\"Debian Security Advisory DSA 2407-1 (cvs)\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"cvs\", ver:\"1:1.12.13-12+squeeze1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:49", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "The remote host is missing an update to cvs\nannounced via advisory DSA 2407-1.", "modified": "2019-03-18T00:00:00", "published": "2012-02-12T00:00:00", "id": "OPENVAS:136141256231070726", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231070726", "type": "openvas", "title": "Debian Security Advisory DSA 2407-1 (cvs)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2407_1.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Description: Auto-generated from advisory DSA 2407-1 (cvs)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.70726\");\n script_cve_id(\"CVE-2012-0804\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 14275 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-12 06:40:50 -0500 (Sun, 12 Feb 2012)\");\n script_name(\"Debian Security Advisory DSA 2407-1 (cvs)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. 
http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB6\");\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%202407-1\");\n script_tag(name:\"insight\", value:\"It was discovered that a malicious CVS server could cause a heap\noverflow in the CVS client, potentially allowing the server to execute\narbitrary code on the client.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.12.13-12+squeeze1.\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2:1.12.13+real-7.\");\n\n script_tag(name:\"solution\", value:\"We recommend that you upgrade your cvs packages.\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update to cvs\nannounced via advisory DSA 2407-1.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"cvs\", ver:\"1:1.12.13-12+squeeze1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-02T10:58:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Check for the Version of cvs", "modified": "2017-12-29T00:00:00", "published": "2012-02-27T00:00:00", "id": "OPENVAS:870572", "href": "http://plugins.openvas.org/nasl.php?oid=870572", "type": "openvas", "title": "RedHat Update for cvs RHSA-2012:0321-01", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat 
Update for cvs RHSA-2012:0321-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Concurrent Version System (CVS) is a version control system that can record\n the history of your files.\n\n A heap-based buffer overflow flaw was found in the way the CVS client\n handled responses from HTTP proxies. A malicious HTTP proxy could use this\n flaw to cause the CVS client to crash or, possibly, execute arbitrary code\n with the privileges of the user running the CVS client. (CVE-2012-0804)\n\n All users of cvs are advised to upgrade to these updated packages, which\n contain a patch to correct this issue.\";\n\ntag_affected = \"cvs on Red Hat Enterprise Linux (v. 
5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-February/msg00061.html\");\n script_id(870572);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8257 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-29 07:29:46 +0100 (Fri, 29 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-27 11:17:18 +0530 (Mon, 27 Feb 2012)\");\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name: \"RHSA\", value: \"2012:0321-01\");\n script_name(\"RedHat Update for cvs RHSA-2012:0321-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cvs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.22~11.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cvs-debuginfo\", rpm:\"cvs-debuginfo~1.11.22~11.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"cvs-inetd\", rpm:\"cvs-inetd~1.11.22~11.el5_8.1\", rls:\"RHENT_5\")) != NULL)\n 
{\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-02T10:57:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Check for the Version of cvs", "modified": "2018-01-01T00:00:00", "published": "2012-08-03T00:00:00", "id": "OPENVAS:831638", "href": "http://plugins.openvas.org/nasl.php?oid=831638", "type": "openvas", "title": "Mandriva Update for cvs MDVSA-2012:044 (cvs)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for cvs MDVSA-2012:044 (cvs)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability has been found and corrected in cvs:\n\n A heap-based buffer overflow flaw was found in the way the CVS client\n handled responses from HTTP proxies. 
A malicious HTTP proxy could\n use this flaw to cause the CVS client to crash or, possibly, execute\n arbitrary code with the privileges of the user running the CVS client\n (CVE-2012-0804).\n\n The updated packages have been patched to correct this issue.\";\n\ntag_affected = \"cvs on Mandriva Linux 2011.0,\n Mandriva Enterprise Server 5.2,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:044\");\n script_id(831638);\n script_version(\"$Revision: 8265 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-01 07:29:23 +0100 (Mon, 01 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-03 09:58:00 +0530 (Fri, 03 Aug 2012)\");\n script_cve_id(\"CVE-2012-0804\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"MDVSA\", value: \"2012:044\");\n script_name(\"Mandriva Update for cvs MDVSA-2012:044 (cvs)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cvs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = 
isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.12.13~18.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_mes5.2\")\n{\n\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.12.13~18.1mdvmes5.2\", rls:\"MNDK_mes5.2\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.12.13~18.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-01-11T11:07:36", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Check for the Version of cvs", "modified": "2018-01-10T00:00:00", "published": "2012-07-30T00:00:00", "id": "OPENVAS:881181", "href": "http://plugins.openvas.org/nasl.php?oid=881181", "type": "openvas", "title": "CentOS Update for cvs CESA-2012:0321 centos6 ", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for cvs CESA-2012:0321 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Concurrent Version System (CVS) is a version control system that can record\n the history of your files.\n\n A heap-based buffer overflow flaw was found in the way the CVS client\n handled responses from HTTP proxies. A malicious HTTP proxy could use this\n flaw to cause the CVS client to crash or, possibly, execute arbitrary code\n with the privileges of the user running the CVS client. (CVE-2012-0804)\n \n All users of cvs are advised to upgrade to these updated packages, which\n contain a patch to correct this issue.\";\n\ntag_affected = \"cvs on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-February/018453.html\");\n script_id(881181);\n script_version(\"$Revision: 8352 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-10 08:01:57 +0100 (Wed, 10 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:34:11 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0804\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_xref(name: \"CESA\", value: \"2012:0321\");\n script_name(\"CentOS Update for cvs CESA-2012:0321 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cvs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n 
script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.23~11.el6_2.1\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2020-03-17T23:03:37", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "The remote host is missing an update announced via the referenced Security Advisory.", "modified": "2020-03-13T00:00:00", "published": "2015-09-08T00:00:00", "id": "OPENVAS:1361412562310120416", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120416", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2012-51)", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS 
FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120416\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:25:53 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2012-51)\");\n script_tag(name:\"insight\", value:\"A heap-based buffer overflow flaw was found in the way the CVS client handled responses from HTTP proxies. A malicious HTTP proxy could use this flaw to cause the CVS client to crash or, possibly, execute arbitrary code with the privileges of the user running the CVS client. (CVE-2012-0804 )\");\n script_tag(name:\"solution\", value:\"Run yum update cvs to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2012-51.html\");\n script_cve_id(\"CVE-2012-0804\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n 
exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"cvs-debuginfo\", rpm:\"cvs-debuginfo~1.11.23~11.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.23~11.6.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2018-01-06T13:07:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "description": "Check for the Version of cvs", "modified": "2018-01-05T00:00:00", "published": "2012-02-21T00:00:00", "id": "OPENVAS:863743", "href": "http://plugins.openvas.org/nasl.php?oid=863743", "type": "openvas", "title": "Fedora Update for cvs FEDORA-2012-1400", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cvs FEDORA-2012-1400\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"CVS (Concurrent Versions System) is a version control system that can\n record the history of your files (usually, but not always, source\n code). CVS only stores the differences between versions, instead of\n every version of every file you have ever created. CVS also keeps a log\n of who, when, and why changes occurred.\n\n CVS is very helpful for managing releases and controlling the\n concurrent editing of source files among multiple authors. Instead of\n providing version control for a collection of files in a single\n directory, CVS provides version control for a hierarchical collection\n of directories consisting of revision controlled files. 
These\n directories and files can then be combined together to form a software\n release.\";\n\ntag_affected = \"cvs on Fedora 15\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2012-February/073288.html\");\n script_id(863743);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_version(\"$Revision: 8295 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-05 07:29:18 +0100 (Fri, 05 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-02-21 18:55:01 +0530 (Tue, 21 Feb 2012)\");\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name: \"FEDORA\", value: \"2012-1400\");\n script_name(\"Fedora Update for cvs FEDORA-2012-1400\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of cvs\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC15\")\n{\n if ((res = isrpmvuln(pkg:\"cvs\", rpm:\"cvs~1.11.23~17.fc15\", rls:\"FC15\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": 
"AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "fedora": [{"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "CVS (Concurrent Versions System) is a version control system that can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. ", "modified": "2012-02-15T11:29:56", "published": "2012-02-15T11:29:56", "id": "FEDORA:ACE1020DA2", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 15 Update: cvs-1.11.23-17.fc15", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-21T08:17:50", "bulletinFamily": "unix", "cvelist": ["CVE-2012-0804"], "description": "CVS (Concurrent Versions System) is a version control system that can record the history of your files (usually, but not always, source code). CVS only stores the differences between versions, instead of every version of every file you have ever created. CVS also keeps a log of who, when, and why changes occurred. CVS is very helpful for managing releases and controlling the concurrent editing of source files among multiple authors. Instead of providing version control for a collection of files in a single directory, CVS provides version control for a hierarchical collection of directories consisting of revision controlled files. These directories and files can then be combined together to form a software release. 
", "modified": "2012-02-15T11:36:55", "published": "2012-02-15T11:36:55", "id": "FEDORA:2326F20BA8", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 16 Update: cvs-1.11.23-22.fc16", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2021-01-17T12:46:46", "description": "From Red Hat Security Advisory 2012:0321 :\n\nUpdated cvs packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nConcurrent Version System (CVS) is a version control system that can\nrecord the history of your files.\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client.\n(CVE-2012-0804)\n\nAll users of cvs are advised to upgrade to these updated packages,\nwhich contain a patch to correct this issue.", "edition": 21, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 5 / 6 : cvs (ELSA-2012-0321)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2013-07-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:cvs-inetd", "p-cpe:/a:oracle:linux:cvs", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0321.NASL", "href": "https://www.tenable.com/plugins/nessus/68486", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0321 and \n# Oracle Linux Security Advisory ELSA-2012-0321 
respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68486);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_bugtraq_id(51943);\n script_xref(name:\"RHSA\", value:\"2012:0321\");\n\n script_name(english:\"Oracle Linux 5 / 6 : cvs (ELSA-2012-0321)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0321 :\n\nUpdated cvs packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nConcurrent Version System (CVS) is a version control system that can\nrecord the history of your files.\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. 
A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client.\n(CVE-2012-0804)\n\nAll users of cvs are advised to upgrade to these updated packages,\nwhich contain a patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-February/002625.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-March/002682.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cvs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cvs-inetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"cvs-1.11.22-11.el5_8.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"cvs-inetd-1.11.22-11.el5_8.1\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"cvs-1.11.23-11.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cvs / cvs-inetd\");\n}\n", "cvss": {"score": 10.0, "vector": 
"AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T10:10:00", "description": "Fix CVE-2012-0804 (Client heap-based buffer overflow on bad proxy\nresponse)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 13, "published": "2012-02-16T00:00:00", "title": "Fedora 16 : cvs-1.11.23-22.fc16 (2012-1383)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2012-02-16T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cvs", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-1383.NASL", "href": "https://www.tenable.com/plugins/nessus/57965", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-1383.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57965);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_bugtraq_id(51943);\n script_xref(name:\"FEDORA\", value:\"2012-1383\");\n\n script_name(english:\"Fedora 16 : cvs-1.11.23-22.fc16 (2012-1383)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fix CVE-2012-0804 (Client heap-based buffer overflow on bad proxy\nresponse)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=784141\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-February/073326.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bc201f2c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cvs package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release 
([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"cvs-1.11.23-22.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cvs\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T09:47:16", "description": "It was discovered that a malicious CVS server could cause a heap\noverflow in the CVS client, potentially allowing the server to execute\narbitrary code on the client.", "edition": 16, "published": "2012-02-10T00:00:00", "title": "Debian DSA-2407-1 : cvs - heap overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2012-02-10T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:6.0", "p-cpe:/a:debian:debian_linux:cvs"], "id": "DEBIAN_DSA-2407.NASL", "href": "https://www.tenable.com/plugins/nessus/57880", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2407. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57880);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name:\"DSA\", value:\"2407\");\n\n script_name(english:\"Debian DSA-2407-1 : cvs - heap overflow\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that a malicious CVS server could cause a heap\noverflow in the CVS client, potentially allowing the server to execute\narbitrary code on the client.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/cvs\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2407\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the cvs packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 1:1.12.13-12+squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"cvs\", reference:\"1:1.12.13-12+squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T12:24:22", "description": "cvs was prone to a heap-based buffer overflow in the client side proxy\nhandling", "edition": 17, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : cvs (openSUSE-2012-133)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cvs", "cpe:/o:novell:opensuse:12.1", "p-cpe:/a:novell:opensuse:cvs-debugsource", "p-cpe:/a:novell:opensuse:cvs-debuginfo"], "id": "OPENSUSE-2012-133.NASL", "href": "https://www.tenable.com/plugins/nessus/74556", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-133.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74556);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", 
value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0804\");\n\n script_name(english:\"openSUSE Security Update : cvs (openSUSE-2012-133)\");\n script_summary(english:\"Check for the openSUSE-2012-133 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"cvs was prone to a heap-based buffer overflow in the client side proxy\nhandling\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=744059\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cvs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cvs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cvs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif 
(isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"cvs-1.12.12-169.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"cvs-debuginfo-1.12.12-169.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"cvs-debugsource-1.12.12-169.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cvs / cvs-debuginfo / cvs-debugsource\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T14:36:05", "description": "A heap-based buffer overflow flaw was found in the way CVS read proxy\nconnection HTTP responses. 
An attacker could exploit this to cause the\napplication to crash or, potentially, execute arbitrary code in the\ncontext of the user running the application (CVE-2012-0804).", "edition": 19, "published": "2014-06-13T00:00:00", "title": "openSUSE Security Update : cvs (openSUSE-SU-2012:0310-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2014-06-13T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:cvs", "cpe:/o:novell:opensuse:11.4", "p-cpe:/a:novell:opensuse:cvs-debugsource", "p-cpe:/a:novell:opensuse:cvs-debuginfo"], "id": "SUSE_11_4_CVS-120222.NASL", "href": "https://www.tenable.com/plugins/nessus/75808", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update cvs-5861.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75808);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0804\");\n\n script_name(english:\"openSUSE Security Update : cvs (openSUSE-SU-2012:0310-1)\");\n script_summary(english:\"Check for the cvs-5861 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way CVS read proxy\nconnection HTTP responses. 
An attacker could exploit this to cause the\napplication to crash or, potentially, execute arbitrary code in the\ncontext of the user running the application (CVE-2012-0804).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=744059\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-02/msg00064.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cvs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cvs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:cvs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"cvs-1.12.12-166.169.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"cvs-debuginfo-1.12.12-166.169.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"cvs-debugsource-1.12.12-166.169.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cvs\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T11:53:38", "description": "A vulnerability has been found and corrected in cvs :\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. 
A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client\n(CVE-2012-0804).\n\nThe updated packages have been patched to correct this issue.", "edition": 24, "published": "2012-03-30T00:00:00", "title": "Mandriva Linux Security Advisory : cvs (MDVSA-2012:044)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2012-03-30T00:00:00", "cpe": ["cpe:/o:mandriva:linux:2011", "p-cpe:/a:mandriva:linux:cvs", "cpe:/o:mandriva:linux:2010.1"], "id": "MANDRIVA_MDVSA-2012-044.NASL", "href": "https://www.tenable.com/plugins/nessus/58531", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:044. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58531);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name:\"MDVSA\", value:\"2012:044\");\n\n script_name(english:\"Mandriva Linux Security Advisory : cvs (MDVSA-2012:044)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability has been found and corrected in cvs :\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. 
A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client\n(CVE-2012-0804).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cvs package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandrake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"cvs-1.12.13-18.1mdv2010.2\", yank:\"mdv\")) 
flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"cvs-1.12.13-18.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-06T09:27:35", "description": "Updated cvs packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nConcurrent Version System (CVS) is a version control system that can\nrecord the history of your files.\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client.\n(CVE-2012-0804)\n\nAll users of cvs are advised to upgrade to these updated packages,\nwhich contain a patch to correct this issue.", "edition": 24, "published": "2012-02-24T00:00:00", "title": "CentOS 5 / 6 : cvs (CESA-2012:0321)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2012-02-24T00:00:00", "cpe": ["p-cpe:/a:centos:centos:cvs-inetd", "cpe:/o:centos:centos:6", "p-cpe:/a:centos:centos:cvs", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0321.NASL", "href": "https://www.tenable.com/plugins/nessus/58108", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0321 and \n# CentOS Errata and Security Advisory 2012:0321 
respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58108);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_bugtraq_id(51943);\n script_xref(name:\"RHSA\", value:\"2012:0321\");\n\n script_name(english:\"CentOS 5 / 6 : cvs (CESA-2012:0321)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated cvs packages that fix one security issue are now available for\nRed Hat Enterprise Linux 5 and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nConcurrent Version System (CVS) is a version control system that can\nrecord the history of your files.\n\nA heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. 
A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client.\n(CVE-2012-0804)\n\nAll users of cvs are advised to upgrade to these updated packages,\nwhich contain a patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-February/018453.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?842e2863\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2013-January/000326.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?87a0a9b6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected cvs packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0804\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cvs-inetd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/05/29\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 
2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"cvs-1.11.22-11.el5_8.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"cvs-inetd-1.11.22-11.el5_8.1\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"cvs-1.11.23-11.el6_2.1\")) flag++;\n\n\nif (flag)\n{\n cr_plugin_caveat = '\\n' +\n 'NOTE: The security advisory associated with this vulnerability has a\\n' +\n 'fixed package version that may only be available in the continuous\\n' +\n 'release (CR) repository for CentOS, until it is present in the next\\n' +\n 'point release of CentOS.\\n\\n' +\n\n 'If an equal or higher package level does not exist in the baseline\\n' +\n 'repository for your major version of CentOS, then updates from the CR\\n' +\n 'repository will need to be applied in order to address the\\n' +\n 
'vulnerability.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + cr_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cvs / cvs-inetd\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-12T11:05:41", "description": "The remote host is affected by the vulnerability described in GLSA-201701-44\n(CVS: Heap-based overflow)\n\n A heap-based buffer overflow was discovered in the proxy_connect\n function in src/client.c in CVS.\n \nImpact :\n\n An attacker, utilizing a remote HTTP proxy server, could cause a Denial\n of Service condition or possibly execute arbitrary code via a crafted\n HTTP response.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 23, "published": "2017-01-20T00:00:00", "title": "GLSA-201701-44 : CVS: Heap-based overflow", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2017-01-20T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:cvs", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201701-44.NASL", "href": "https://www.tenable.com/plugins/nessus/96641", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201701-44.\n#\n# The advisory text is Copyright (C) 2001-2017 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(96641);\n script_version(\"3.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name:\"GLSA\", value:\"201701-44\");\n\n script_name(english:\"GLSA-201701-44 : CVS: Heap-based overflow\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201701-44\n(CVS: Heap-based overflow)\n\n A heap-based buffer overflow was discovered in the proxy_connect\n function in src/client.c in CVS.\n \nImpact :\n\n An attacker, utilizing a remote HTTP proxy server, could cause a Denial\n of Service condition or possibly execute arbitrary code via a crafted\n HTTP response.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201701-44\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All CVS users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-vcs/cvs-1.12.12-r11'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2017/01/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2017/01/20\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2017-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-vcs/cvs\", unaffected:make_list(\"ge 1.12.12-r11\"), vulnerable:make_list(\"lt 1.12.12-r11\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"CVS\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T01:20:06", "description": "A heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. 
A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client.\n(CVE-2012-0804)", "edition": 24, "published": "2013-09-04T00:00:00", "title": "Amazon Linux AMI : cvs (ALAS-2012-51)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2021-02-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:cvs-debuginfo", "p-cpe:/a:amazon:linux:cvs", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-51.NASL", "href": "https://www.tenable.com/plugins/nessus/69658", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-51.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69658);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0804\");\n script_xref(name:\"ALAS\", value:\"2012-51\");\n script_xref(name:\"RHSA\", value:\"2012:0321\");\n\n script_name(english:\"Amazon Linux AMI : cvs (ALAS-2012-51)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way the CVS client\nhandled responses from HTTP proxies. 
A malicious HTTP proxy could use\nthis flaw to cause the CVS client to crash or, possibly, execute\narbitrary code with the privileges of the user running the CVS client.\n(CVE-2012-0804)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-51.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update cvs' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cvs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:cvs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif 
(!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"cvs-1.11.23-11.6.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"cvs-debuginfo-1.11.23-11.6.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cvs / cvs-debuginfo\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-20T15:14:03", "description": "A heap-based buffer overflow flaw was found in the way CVS read proxy\nconnection HTTP responses. An attacker could exploit this to cause the\napplication to crash or, potentially, execute arbitrary code in the\ncontext of the user running the application. (CVE-2012-0804)", "edition": 17, "published": "2012-02-28T00:00:00", "title": "SuSE 10 Security Update : CVS (ZYPP Patch Number 7991)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-0804"], "modified": "2012-02-28T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_CVS-7991.NASL", "href": "https://www.tenable.com/plugins/nessus/58142", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58142);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0804\");\n\n script_name(english:\"SuSE 10 Security Update : CVS (ZYPP Patch Number 7991)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n 
script_set_attribute(\n attribute:\"description\", \n value:\n\"A heap-based buffer overflow flaw was found in the way CVS read proxy\nconnection HTTP responses. An attacker could exploit this to cause the\napplication to crash or, potentially, execute arbitrary code in the\ncontext of the user running the application. (CVE-2012-0804)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0804.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7991.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif 
(rpm_check(release:\"SLED10\", sp:4, reference:\"cvs-1.12.12-19.10.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"cvs-1.12.12-19.10.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"cvs-doc-1.12.12-19.10.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}