DATABASE RESOURCES PRICING ABOUT US

{"id": "ELSA-2012-0677", "vendorId": null, "type": "oraclelinux", "bulletinFamily": "unix", "title": "postgresql security update", "description": "[8.1.23-4]\n- Back-port upstream fixes for CVE-2012-0866 and CVE-2012-0868\nResolves: #812070\n[8.1.23-3]\n- Back-port upstream fix for unregistering OpenSSL callbacks at close\nResolves: #728828\n[8.1.23-2]\n- Back-port upstream fix for CVE-2011-2483\nResolves: #740738", "published": "2012-05-21T00:00:00", "modified": "2012-05-21T00:00:00", "epss": [{"cve": "CVE-2011-2483", "epss": 0.00327, "percentile": 0.67562, "modified": "2023-11-11"}, {"cve": "CVE-2012-0866", "epss": 0.00442, "percentile": 0.71971, "modified": "2023-11-11"}, {"cve": "CVE-2012-0868", "epss": 0.0094, "percentile": 0.81291, "modified": "2023-11-11"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {}, "cvss3": {}, "href": "http://linux.oracle.com/errata/ELSA-2012-0677.html", "reporter": "Oracle", "references": [], "cvelist": ["CVE-2011-2483", "CVE-2012-0866", "CVE-2012-0868"], "immutableFields": [], "lastseen": "2019-05-29T18:38:19", "viewCount": 20, "enchantments": {"dependencies": {"references": [{"type": "altlinux", "idList": ["1593771B1FFDFB2E5D3563F6D21FE84A", "1A2315C217EF7FCA5104470A3C3C3D16", "43441B939F0807E4D0E0F345FE39551B", "5A626CE637DB7B8EFDFFCD8D9B558548", "873024DA35722884E80F3FB997E7AF0F", "C7A0C9390098E894A6051913B0C59962", "F2A8878DF6B2148C075A42D7D964A070"]}, {"type": "amazon", "idList": ["ALAS-2011-007", "ALAS-2011-012", "ALAS-2012-082"]}, {"type": "centos", "idList": ["CESA-2011:1377", "CESA-2011:1378", "CESA-2011:1423", "CESA-2012:0677", "CESA-2012:0678"]}, {"type": "cve", "idList": ["CVE-2011-2483", "CVE-2011-3189", "CVE-2011-3268", "CVE-2012-0866", "CVE-2012-0868"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2340-1:1241F", "DEBIAN:DSA-2399-1:367BF", "DEBIAN:DSA-2399-2:BC1FA", "DEBIAN:DSA-2418-1:BCB26"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2483"]}, {"type": "f5", "idList": ["F5:K13518", "F5:K13519", "SOL13518", "SOL13519"]}, {"type": "fedora", "idList": ["FEDORA:25045C0AD1", "FEDORA:2AA70C0AD2", "FEDORA:3EA7E20EC6", "FEDORA:420B0E7205", "FEDORA:4F98D20FC9", "FEDORA:510BA87E81", "FEDORA:6126137D07", "FEDORA:6E94E22587", "FEDORA:7869DC0ACF", "FEDORA:7F9E2C0AD1", "FEDORA:805B3C0ACF", "FEDORA:836B9C0AD2", "FEDORA:9467F210F8", "FEDORA:9A8E620A7B", "FEDORA:BAE1220E52", "FEDORA:D603620A52"]}, {"type": "freebsd", "idList": ["057BF770-CAC4-11E0-AEA3-00215C6A37BB", "174B8864-6237-11E1-BE18-14DAE938EC40"]}, {"type": "gentoo", "idList": ["GLSA-201110-06", "GLSA-201110-22", "GLSA-201209-24"]}, {"type": "nessus", "idList": ["6015.PRM", "6336.PRM", "6337.PRM", "6817.PRM", "801087.PRM", "ALA_ALAS-2011-07.NASL", "ALA_ALAS-2011-12.NASL", "ALA_ALAS-2011-7.NASL", "ALA_ALAS-2012-82.NASL", "CENTOS_RHSA-2011-1377.NASL", "CENTOS_RHSA-2011-1378.NASL", "CENTOS_RHSA-2011-1423.NASL", "CENTOS_RHSA-2012-0677.NASL", "CENTOS_RHSA-2012-0678.NASL", "DEBIAN_DSA-2340.NASL", "DEBIAN_DSA-2399.NASL", "DEBIAN_DSA-2418.NASL", "F5_BIGIP_SOL13519.NASL", "FEDORA_2011-11464.NASL", "FEDORA_2011-11528.NASL", "FEDORA_2011-11537.NASL", "FEDORA_2012-2508.NASL", "FEDORA_2012-2589.NASL", "FEDORA_2012-2591.NASL", "FREEBSD_PKG_057BF770CAC411E0AEA300215C6A37BB.NASL", "FREEBSD_PKG_174B8864623711E1BE1814DAE938EC40.NASL", "GENTOO_GLSA-201110-06.NASL", "GENTOO_GLSA-201110-22.NASL", "GENTOO_GLSA-201209-24.NASL", "HPSMH_7_0_0_24.NASL", "MACOSX_10_7_3.NASL", "MACOSX_SECUPD2012-001.NASL", "MANDRIVA_MDVSA-2011-161.NASL", "MANDRIVA_MDVSA-2011-165.NASL", "MANDRIVA_MDVSA-2011-178.NASL", "MANDRIVA_MDVSA-2011-179.NASL", "MANDRIVA_MDVSA-2011-180.NASL", "MANDRIVA_MDVSA-2012-026.NASL", "MANDRIVA_MDVSA-2012-092.NASL", "OPENSUSE-2012-214.NASL", "OPENSUSE-2012-603.NASL", "OPENSUSE-2013-849.NASL", "ORACLELINUX_ELSA-2011-1377.NASL", "ORACLELINUX_ELSA-2011-1378.NASL", "ORACLELINUX_ELSA-2011-1423.NASL", "ORACLELINUX_ELSA-2012-0677.NASL", "ORACLELINUX_ELSA-2012-0678.NASL", "PHP_5_3_7.NASL", "PHP_5_4_0.NASL", "POSTGRESQL_20120227.NASL", "POSTGRESQL_8318.NASL", "REDHAT-RHSA-2011-1377.NASL", "REDHAT-RHSA-2011-1378.NASL", "REDHAT-RHSA-2011-1423.NASL", "REDHAT-RHSA-2012-0677.NASL", "REDHAT-RHSA-2012-0678.NASL", "SLACKWARE_SSA_2011-237-01.NASL", "SL_20111017_POSTGRESQL84_ON_SL5_X.NASL", "SL_20111017_POSTGRESQL_ON_SL4_X.NASL", "SL_20111102_PHP53_AND_PHP_ON_SL5_X.NASL", "SL_20120521_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL", "SL_20120521_POSTGRESQL_ON_SL5_X.NASL", "SUSE9_12813.NASL", "SUSE_11_3_APACHE2-MOD_PHP5-110907.NASL", "SUSE_11_3_GLIBC-110729.NASL", "SUSE_11_3_LIBXCRYPT-110824.NASL", "SUSE_11_3_MAN-PAGES-110823.NASL", "SUSE_11_3_YAST2-CORE-110822.NASL", "SUSE_11_4_APACHE2-MOD_PHP5-110907.NASL", "SUSE_11_4_GLIBC-110729.NASL", "SUSE_11_4_LIBXCRYPT-110824.NASL", "SUSE_11_4_MAN-PAGES-110823.NASL", "SUSE_11_4_YAST2-CORE-110822.NASL", "SUSE_11_GLIBC-110729.NASL", "SUSE_11_GLIBC-BLOWFISH-110729.NASL", "SUSE_11_LIBXCRYPT-110824.NASL", "SUSE_11_MAN-PAGES-110825.NASL", "SUSE_11_POSTGRESQL-120322.NASL", "SUSE_11_YAST2-CORE-110830.NASL", "SUSE_GLIBC-7659.NASL", "SUSE_GLIBC-7663.NASL", "SUSE_GLIBC-BLOWFISH-7663.NASL", "SUSE_POSTGRESQL-8071.NASL", "SUSE_POSTGRESQL-8311.NASL", "SUSE_SU-2012-1336-1.NASL", "SUSE_YAST2-CORE-7725.NASL", "SUSE_YAST2-CORE-7726.NASL", "UBUNTU_USN-1229-1.NASL", "UBUNTU_USN-1231-1.NASL", "UBUNTU_USN-1378-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310103229", "OPENVAS:1361412562310120127", "OPENVAS:1361412562310120517", "OPENVAS:1361412562310120570", "OPENVAS:1361412562310122061", "OPENVAS:1361412562310122072", "OPENVAS:1361412562310122073", "OPENVAS:1361412562310123917", "OPENVAS:1361412562310123918", "OPENVAS:136141256231070257", "OPENVAS:136141256231070716", "OPENVAS:136141256231070717", "OPENVAS:136141256231070769", "OPENVAS:136141256231070785", "OPENVAS:136141256231071146", "OPENVAS:136141256231071164", "OPENVAS:136141256231071962", "OPENVAS:136141256231072458", "OPENVAS:1361412562310802330", "OPENVAS:1361412562310802392", "OPENVAS:1361412562310831478", "OPENVAS:1361412562310831484", "OPENVAS:1361412562310831500", "OPENVAS:1361412562310831514", "OPENVAS:1361412562310831557", "OPENVAS:1361412562310831559", "OPENVAS:1361412562310840772", "OPENVAS:1361412562310840782", "OPENVAS:1361412562310840921", "OPENVAS:1361412562310850170", "OPENVAS:1361412562310863518", "OPENVAS:1361412562310863520", "OPENVAS:1361412562310863523", "OPENVAS:1361412562310863524", "OPENVAS:1361412562310863527", "OPENVAS:1361412562310863531", "OPENVAS:1361412562310863762", "OPENVAS:1361412562310863788", "OPENVAS:1361412562310863794", "OPENVAS:1361412562310863875", "OPENVAS:1361412562310864094", "OPENVAS:1361412562310864388", "OPENVAS:1361412562310864463", "OPENVAS:1361412562310864465", "OPENVAS:1361412562310864663", "OPENVAS:1361412562310870503", "OPENVAS:1361412562310870506", "OPENVAS:1361412562310870510", "OPENVAS:1361412562310870594", "OPENVAS:1361412562310870595", "OPENVAS:1361412562310881024", "OPENVAS:1361412562310881025", "OPENVAS:1361412562310881028", "OPENVAS:1361412562310881042", "OPENVAS:1361412562310881063", "OPENVAS:1361412562310881159", "OPENVAS:1361412562310881186", "OPENVAS:1361412562310881310", "OPENVAS:1361412562310881333", "OPENVAS:1361412562310881408", "OPENVAS:1361412562310881449", "OPENVAS:70257", "OPENVAS:70716", "OPENVAS:70717", "OPENVAS:70769", "OPENVAS:70785", "OPENVAS:71146", "OPENVAS:71164", "OPENVAS:71962", "OPENVAS:72458", "OPENVAS:802392", "OPENVAS:831478", "OPENVAS:831484", "OPENVAS:831500", "OPENVAS:831514", "OPENVAS:831557", "OPENVAS:831559", "OPENVAS:840772", "OPENVAS:840782", "OPENVAS:840921", "OPENVAS:850170", "OPENVAS:863518", "OPENVAS:863520", "OPENVAS:863523", "OPENVAS:863524", "OPENVAS:863527", "OPENVAS:863531", "OPENVAS:863762", "OPENVAS:863788", "OPENVAS:863794", "OPENVAS:863875", "OPENVAS:864094", "OPENVAS:864388", "OPENVAS:864463", "OPENVAS:864465", "OPENVAS:864663", "OPENVAS:870503", "OPENVAS:870506", "OPENVAS:870510", "OPENVAS:870594", "OPENVAS:870595", "OPENVAS:881024", "OPENVAS:881025", "OPENVAS:881028", "OPENVAS:881042", "OPENVAS:881063", "OPENVAS:881159", "OPENVAS:881186", "OPENVAS:881310", "OPENVAS:881333", "OPENVAS:881408", "OPENVAS:881449"]}, {"type": "oraclelinux", "idList": ["ELSA-2011-1377", "ELSA-2011-1378", "ELSA-2011-1423", "ELSA-2012-0678", "ELSA-2012-1037", "ELSA-2012-1046"]}, {"type": "osv", "idList": ["OSV:DSA-2340-1", "OSV:DSA-2399-1", "OSV:DSA-2418-1"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2012-0866", "POSTGRESQL:CVE-2012-0868"]}, {"type": "redhat", "idList": ["RHSA-2011:1377", "RHSA-2011:1378", "RHSA-2011:1423", "RHSA-2012:0677", "RHSA-2012:0678"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:26931", "SECURITYVULNS:DOC:27147", "SECURITYVULNS:DOC:27395", "SECURITYVULNS:DOC:27600", "SECURITYVULNS:DOC:27726", "SECURITYVULNS:DOC:28070", "SECURITYVULNS:VULN:11879", "SECURITYVULNS:VULN:12065", "SECURITYVULNS:VULN:12164", "SECURITYVULNS:VULN:12234"]}, {"type": "seebug", "idList": ["SSV:30152"]}, {"type": "slackware", "idList": ["SSA-2011-237-01"]}, {"type": "suse", "idList": ["SUSE-SA:2011:035"]}, {"type": "ubuntu", "idList": ["USN-1229-1", "USN-1231-1", "USN-1378-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2483", "UB:CVE-2011-3189", "UB:CVE-2011-3268", "UB:CVE-2012-0866", "UB:CVE-2012-0868"]}, {"type": "veracode", "idList": ["VERACODE:10728", "VERACODE:13778", "VERACODE:13780", "VERACODE:24727"]}]}, "score": {"value": 1.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2011-012"]}, {"type": "centos", "idList": ["CESA-2011:1377", "CESA-2011:1378", "CESA-2011:1423", "CESA-2012:0677", "CESA-2012:0678"]}, {"type": "cve", "idList": ["CVE-2011-2483", "CVE-2012-0866", "CVE-2012-0868"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2418-1:BCB26"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2011-2483"]}, {"type": "f5", "idList": ["SOL13518", "SOL13519"]}, {"type": "fedora", "idList": ["FEDORA:4F98D20FC9", "FEDORA:BAE1220E52"]}, {"type": "freebsd", "idList": ["057BF770-CAC4-11E0-AEA3-00215C6A37BB", "174B8864-6237-11E1-BE18-14DAE938EC40"]}, {"type": "gentoo", "idList": ["GLSA-201209-24"]}, {"type": "nessus", "idList": ["CENTOS_RHSA-2011-1377.NASL", "FEDORA_2012-2589.NASL", "SUSE_11_3_MAN-PAGES-110823.NASL", "SUSE_YAST2-CORE-7726.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231070785", "OPENVAS:1361412562310850170", "OPENVAS:1361412562310863518", "OPENVAS:1361412562310881024", "OPENVAS:840782", "OPENVAS:863523", "OPENVAS:870510", "OPENVAS:870594"]}, {"type": "oraclelinux", "idList": ["ELSA-2012-1037"]}, {"type": "postgresql", "idList": ["POSTGRESQL:CVE-2012-0866"]}, {"type": "redhat", "idList": ["RHSA-2012:0677"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:27395"]}, {"type": "seebug", "idList": ["SSV:30152"]}, {"type": "ubuntu", "idList": ["USN-1231-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2011-2483"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2011-2483", "epss": "0.004370000", "percentile": "0.707190000", "modified": "2023-03-13"}, {"cve": "CVE-2012-0866", "epss": "0.004420000", "percentile": "0.708750000", "modified": "2023-03-13"}, {"cve": "CVE-2012-0868", "epss": "0.009400000", "percentile": "0.806990000", "modified": "2023-03-13"}], "vulnersScore": 1.5}, "_state": {"dependencies": 1699783982, "score": 1699784375, "epss": 0}, "_internal": {"score_hash": "6020f0da4d8b2454db845de5f6b6d68b"}, "affectedPackage": []}

{"nessus": [{"lastseen": "2023-12-05T15:09:07", "description": "- Security and bugfix release 9.1.3 :\n\n - Require execute permission on the trigger function for 'CREATE TRIGGER' (CVE-2012-0866, bnc#749299).\n\n - Remove arbitrary limitation on length of common name in SSL certificates (CVE-2012-0867, bnc#749301).\n\n - Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303).\n\nSee the release notes for the rest of the changes:\nhttp://www.postgresql.org/docs/9.1/static/release-9-1-3.html /usr/share/doc/packages/postgresql/HISTORY", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql (openSUSE-SU-2012:0480-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483", "CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debugsource", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-devel-32bit", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-debuginfo", "cpe:/o:novell:opensuse:12.1"], "id": "OPENSUSE-2012-214.NASL", "href": "https://www.tenable.com/plugins/nessus/74591", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-214.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74591);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\", \"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"openSUSE Security Update : postgresql (openSUSE-SU-2012:0480-1)\");\n script_summary(english:\"Check for the openSUSE-2012-214 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Security and bugfix release 9.1.3 :\n\n - Require execute permission on the trigger function for\n 'CREATE TRIGGER' (CVE-2012-0866, bnc#749299).\n\n - Remove arbitrary limitation on length of common name in\n SSL certificates (CVE-2012-0867, bnc#749301).\n\n - Convert newlines to spaces in names written in pg_dump\n comments (CVE-2012-0868, bnc#749303).\n\nSee the release notes for the rest of the changes:\nhttp://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n/usr/share/doc/packages/postgresql/HISTORY\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=701489\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-04/msg00026.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libecpg6-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libecpg6-debuginfo-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpq5-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"libpq5-debuginfo-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-contrib-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-contrib-debuginfo-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-debuginfo-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-debugsource-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-devel-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-devel-debuginfo-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-libs-debugsource-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plperl-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plperl-debuginfo-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plpython-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-plpython-debuginfo-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-pltcl-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-pltcl-debuginfo-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-server-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"postgresql-server-debuginfo-9.1.3-3.7.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"postgresql-devel-32bit-9.1.3-3.7.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", cpu:\"x86_64\", reference:\"postgresql-devel-debuginfo-32bit-9.1.3-3.7.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libecpg6 / libecpg6-debuginfo / libpq5-32bit / libpq5 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:09:47", "description": "- Security and bugfix release :\n\n - Require execute permission on the trigger function for CREATE TRIGGER. (CVE-2012-0866, bnc#749299)\n\n - Convert newlines to spaces in names written in pg_dump comments. (CVE-2012-0868, bnc#749303)\n\nPlease see the PostgreSQL release notes document for full changelog and details :\n\nhttp://www.postgresql.org/docs/8.3/static/release.html", "cvss3": {}, "published": "2012-06-06T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 8071)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_POSTGRESQL-8071.NASL", "href": "https://www.tenable.com/plugins/nessus/59384", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59384);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n\n script_name(english:\"SuSE 10 Security Update : PostgreSQL (ZYPP Patch Number 8071)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Security and bugfix release :\n\n - Require execute permission on the trigger function for\n CREATE TRIGGER. (CVE-2012-0866, bnc#749299)\n\n - Convert newlines to spaces in names written in pg_dump\n comments. (CVE-2012-0868, bnc#749303)\n\nPlease see the PostgreSQL release notes document for full changelog\nand details :\n\nhttp://www.postgresql.org/docs/8.3/static/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0866.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0868.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8071.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"postgresql-devel-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"postgresql-libs-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"postgresql-libs-32bit-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"postgresql-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"postgresql-contrib-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"postgresql-devel-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"postgresql-docs-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"postgresql-libs-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"postgresql-server-8.1.22-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"postgresql-libs-32bit-8.1.22-0.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:19:19", "description": "From Red Hat Security Advisory 2012:0677 :\n\nUpdated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : postgresql (ELSA-2012-0677)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-pl", "p-cpe:/a:oracle:linux:postgresql-python", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-tcl", "p-cpe:/a:oracle:linux:postgresql-test", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0677.NASL", "href": "https://www.tenable.com/plugins/nessus/68528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0677 and \n# Oracle Linux Security Advisory ELSA-2012-0677 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68528);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_bugtraq_id(49241, 52188);\n script_xref(name:\"RHSA\", value:\"2012:0677\");\n\n script_name(english:\"Oracle Linux 5 : postgresql (ELSA-2012-0677)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0677 :\n\nUpdated postgresql packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002825.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-contrib-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-devel-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-docs-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-libs-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-pl-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-python-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-server-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-tcl-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-test-8.1.23-4.el5_8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:45:40", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql on SL5.x i386/x86_64 (20120521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-pl", "p-cpe:/a:fermilab:scientific_linux:postgresql-python", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql-tcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120521_POSTGRESQL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61317", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61317);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql on SL5.x i386/x86_64 (20120521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1205&L=scientific-linux-errata&T=0&P=1131\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3fa8cd3f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-contrib-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-debuginfo-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-devel-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-docs-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-libs-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-pl-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-python-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-server-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-tcl-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-test-8.1.23-4.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:43:25", "description": "Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-05-22T00:00:00", "type": "nessus", "title": "RHEL 5 : postgresql (RHSA-2012:0677)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-pl", "p-cpe:/a:redhat:enterprise_linux:postgresql-python", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2012-0677.NASL", "href": "https://www.tenable.com/plugins/nessus/59222", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0677. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59222);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0677\");\n\n script_name(english:\"RHEL 5 : postgresql (RHSA-2012:0677)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0677\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0868\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0677\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-contrib-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-contrib-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-debuginfo-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-devel-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-docs-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-docs-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-docs-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-libs-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-pl-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-pl-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-pl-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-python-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-python-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-python-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-server-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-server-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-server-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-tcl-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-tcl-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-tcl-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-test-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-test-8.1.23-4.el5_8\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-test-8.1.23-4.el5_8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T14:44:04", "description": "- Security and bugfix release 8.3.18 :\n\n - Require execute permission on the trigger function for CREATE TRIGGER. (CVE-2012-0866, bnc#749299)\n\n - Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303). Please see the PostgreSQL release notes document for full changelog and details :\n\nhttp://www.postgresql.org/docs/8.3/static/release.html", "cvss3": {}, "published": "2013-01-25T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : PostgreSQL (SAT Patch Number 6023)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:postgresql", "p-cpe:/a:novell:suse_linux:11:postgresql-contrib", "p-cpe:/a:novell:suse_linux:11:postgresql-docs", "p-cpe:/a:novell:suse_linux:11:postgresql-libs", "p-cpe:/a:novell:suse_linux:11:postgresql-libs-32bit", "p-cpe:/a:novell:suse_linux:11:postgresql-server", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_POSTGRESQL-120322.NASL", "href": "https://www.tenable.com/plugins/nessus/64215", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64215);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n\n script_name(english:\"SuSE 11.1 Security Update : PostgreSQL (SAT Patch Number 6023)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - Security and bugfix release 8.3.18 :\n\n - Require execute permission on the trigger function for\n CREATE TRIGGER. (CVE-2012-0866, bnc#749299)\n\n - Convert newlines to spaces in names written in pg_dump\n comments (CVE-2012-0868, bnc#749303). Please see the\n PostgreSQL release notes document for full changelog and\n details :\n\nhttp://www.postgresql.org/docs/8.3/static/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=701489\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0866.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-0868.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 6023.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-libs-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/01/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"postgresql-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"postgresql-libs-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"postgresql-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"postgresql-libs-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"postgresql-libs-32bit-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-contrib-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-docs-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-libs-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"postgresql-server-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"postgresql-libs-32bit-8.3.18-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"postgresql-libs-32bit-8.3.18-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:42:58", "description": "Updated postgresql packages that fix two security issues are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-05-22T00:00:00", "type": "nessus", "title": "CentOS 5 : postgresql (CESA-2012:0677)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-pl", "p-cpe:/a:centos:centos:postgresql-python", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-tcl", "p-cpe:/a:centos:centos:postgresql-test", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2012-0677.NASL", "href": "https://www.tenable.com/plugins/nessus/59213", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0677 and \n# CentOS Errata and Security Advisory 2012:0677 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59213);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0677\");\n\n script_name(english:\"CentOS 5 : postgresql (CESA-2012:0677)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix two security issues are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich contain backported patches to correct these issues. If the\npostgresql service is running, it will be automatically restarted\nafter installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-May/018647.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7f25d5e8\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0868\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-contrib-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-devel-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-docs-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-libs-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-pl-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-python-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-server-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-tcl-8.1.23-4.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-test-8.1.23-4.el5_8\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:54:31", "description": "The version of PostgreSQL installed on the remote host is 8.3.x prior to 8.3.18, and is, therefore, potentially affected by multiple vulnerabilities :\n\n - Permissions on a function called by a trigger are not properly checked. (CVE-2012-0866) \n - Line breaks in object names can be exploited to execute arbitrary SQL commands when reloading a pg_dump file.\n (CVE-2012-0868)", "cvss3": {}, "published": "2012-12-28T00:00:00", "type": "nessus", "title": "PostgreSQL 8.3 < 8.3.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2023-04-04T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_8318.NASL", "href": "https://www.tenable.com/plugins/nessus/63355", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63355);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/04\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n\n script_name(english:\"PostgreSQL 8.3 < 8.3.18 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 8.3.x prior\nto 8.3.18, and is, therefore, potentially affected by multiple\nvulnerabilities :\n\n - Permissions on a function called by a trigger are not\n properly checked. (CVE-2012-0866)\n \n - Line breaks in object names can be exploited to execute\n arbitrary SQL commands when reloading a pg_dump file.\n (CVE-2012-0868)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/about/news/1377/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/8.3/release-8-3-18.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 8.3.18 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"backport.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_service(svc:\"postgresql\", default:5432, exit_on_fail:TRUE);\n\nversion = get_kb_item_or_exit('database/'+port+'/postgresql/version');\nsource = get_kb_item_or_exit('database/'+port+'/postgresql/source');\ndatabase = get_kb_item('database/'+port+'/postgresql/database_name');\n\nget_backport_banner(banner:source);\nif (backported && report_paranoia < 2) audit(AUDIT_BACKPORT_SERVICE, port, 'PostgreSQL server');\n\nver = split(version, sep:'.');\nfor (i=0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (ver[0] == 8 && ver[1] == 3 && ver[2] < 18)\n{\n set_kb_item(name:\"www/\"+port+\"/SQLInjection\", value:TRUE);\n if (report_verbosity > 0)\n {\n report = '';\n if(database)\n report += '\\n Database name : ' + database ;\n report +=\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 8.3.18\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, 'PostgreSQL', port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:36:17", "description": "Versions of PostgreSQL earlier than 8.4.11 / 9.0.7 / 9.1.3 are potentially affected by multiple vulnerabilities. It therefore is affected by the following vulnerabilities : \n\n - Permissions on a function called by a trigger are not properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificate authorities. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute arbitrary SQL commands when reloading a pg_dump file. (CVE-2012-0868)", "cvss3": {}, "published": "2013-05-14T00:00:00", "type": "nessus", "title": "PostgreSQL < 8.4.11 / 9.0.7 / 9.1.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "6817.PRM", "href": "https://www.tenable.com/plugins/nnm/6817", "sourceData": "Binary data 6817.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:50", "description": "Versions of PostgreSQL 8.3.x earlier than 8.3.18 are potentially affected by the following vulnerabilities :\n\n - Permissions on a function called by a trigger are not properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificates. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. (CVE-2012-0868)", "cvss3": {}, "published": "2012-02-28T00:00:00", "type": "nessus", "title": "PostgreSQL 8.3.x < 8.3.18 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "6336.PRM", "href": "https://www.tenable.com/plugins/nnm/6336", "sourceData": "Binary data 6336.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:43:46", "description": "Updated postgresql84 and postgresql packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which fixes these issues as well as several data-corruption issues and lesser non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-05-22T00:00:00", "type": "nessus", "title": "RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2012:0678)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "p-cpe:/a:redhat:enterprise_linux:postgresql84", "p-cpe:/a:redhat:enterprise_linux:postgresql84-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql84-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql84-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql84-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql84-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql84-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql84-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-python", "p-cpe:/a:redhat:enterprise_linux:postgresql84-server", "p-cpe:/a:redhat:enterprise_linux:postgresql84-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-test", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.2"], "id": "REDHAT-RHSA-2012-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/59223", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0678. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59223);\n script_version(\"1.25\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0678\");\n\n script_name(english:\"RHEL 5 / 6 : postgresql and postgresql84 (RHSA-2012:0678)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2012:0678\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-0867\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2012:0678\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-debuginfo-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-debuginfo-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:54:59", "description": "The version of PostgreSQL installed on the remote host is 8.4.x prior to 8.4.11, 9.0.x prior to 9.0.7, or 9.1.x prior to 9.1.3. It is, therefore, potentially affected by multiple vulnerabilities :\n\n - Permissions on a function called by a trigger are not properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third-party certificate authorities. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute arbitrary SQL commands when reloading a pg_dump file.\n (CVE-2012-0868)", "cvss3": {}, "published": "2012-12-28T00:00:00", "type": "nessus", "title": "PostgreSQL 8.4 < 8.4.11 / 9.0 < 9.0.7 / 9.1 < 9.1.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2023-04-04T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "POSTGRESQL_20120227.NASL", "href": "https://www.tenable.com/plugins/nessus/63352", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(63352);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/04\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n\n script_name(english:\"PostgreSQL 8.4 < 8.4.11 / 9.0 < 9.0.7 / 9.1 < 9.1.3 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote database server is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of PostgreSQL installed on the remote host is 8.4.x prior\nto 8.4.11, 9.0.x prior to 9.0.7, or 9.1.x prior to 9.1.3. It is,\ntherefore, potentially affected by multiple vulnerabilities :\n\n - Permissions on a function called by a trigger are not\n properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32\n characters, allowing connection spoofing under some\n circumstances when using third-party certificate\n authorities. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute\n arbitrary SQL commands when reloading a pg_dump file.\n (CVE-2012-0868)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/about/news/1377/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.postgresql.org/docs/8.4/release-8-4-11.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PostgreSQL 8.3.19 / 8.4.12 / 9.0.8 / 9.1.4 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/12/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:postgresql:postgresql\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Databases\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"postgresql_version.nbin\");\n script_require_ports(\"Services/postgresql\", 5432);\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"backport.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nport = get_service(svc:\"postgresql\", default:5432, exit_on_fail:TRUE);\n\nversion = get_kb_item_or_exit('database/'+port+'/postgresql/version');\nsource = get_kb_item_or_exit('database/'+port+'/postgresql/source');\ndatabase = get_kb_item('database/'+port+'/postgresql/database_name');\n\nget_backport_banner(banner:source);\nif (backported && report_paranoia < 2) audit(AUDIT_BACKPORT_SERVICE, port, 'PostgreSQL server');\n\nver = split(version, sep:'.');\nfor (i=0; i < max_index(ver); i++)\n ver[i] = int(ver[i]);\n\nif (\n (ver[0] == 8 && ver[1] == 4 && ver[2] < 11) ||\n (ver[0] == 9 && ver[1] == 0 && ver[2] < 7) ||\n (ver[0] == 9 && ver[1] == 1 && ver[2] < 3)\n)\n{\n set_kb_item(name:\"www/\"+port+\"/SQLInjection\", value:TRUE);\n if (report_verbosity > 0)\n {\n report = '';\n if(database)\n report += '\\n Database name : ' + database ;\n report +=\n '\\n Version source : ' + source +\n '\\n Installed version : ' + version +\n '\\n Fixed version : 8.4.11 / 9.0.7 / 9.1.3\\n';\n security_warning(port:port, extra:report);\n }\n else security_warning(port);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, 'PostgreSQL', port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:40:28", "description": "Update to latest Postgres releases --- resolves some security and data loss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-03-08T00:00:00", "type": "nessus", "title": "Fedora 16 : postgresql-9.1.3-1.fc16 (2012-2591)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:16"], "id": "FEDORA_2012-2591.NASL", "href": "https://www.tenable.com/plugins/nessus/58282", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-2591.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58282);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"FEDORA\", value:\"2012-2591\");\n\n script_name(english:\"Fedora 16 : postgresql-9.1.3-1.fc16 (2012-2591)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-7.html\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074713.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8d2aebe8\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074724.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?088643c3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:16\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^16([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 16.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC16\", reference:\"postgresql-9.1.3-1.fc16\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:24:29", "description": "The pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql8 (ALAS-2012-82)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql8", "p-cpe:/a:amazon:linux:postgresql8-contrib", "p-cpe:/a:amazon:linux:postgresql8-debuginfo", "p-cpe:/a:amazon:linux:postgresql8-devel", "p-cpe:/a:amazon:linux:postgresql8-docs", "p-cpe:/a:amazon:linux:postgresql8-libs", "p-cpe:/a:amazon:linux:postgresql8-plperl", "p-cpe:/a:amazon:linux:postgresql8-plpython", "p-cpe:/a:amazon:linux:postgresql8-pltcl", "p-cpe:/a:amazon:linux:postgresql8-server", "p-cpe:/a:amazon:linux:postgresql8-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2012-82.NASL", "href": "https://www.tenable.com/plugins/nessus/69689", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2012-82.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69689);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name:\"ALAS\", value:\"2012-82\");\n script_xref(name:\"RHSA\", value:\"2012:0678\");\n\n script_name(english:\"Amazon Linux AMI : postgresql8 (ALAS-2012-82)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2012-82.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update postgresql8' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql8-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-contrib-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-debuginfo-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-devel-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-docs-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-libs-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-plperl-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-plpython-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-pltcl-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-server-8.4.11-1.34.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql8-test-8.4.11-1.34.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql8 / postgresql8-contrib / postgresql8-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:09:29", "description": "Postgresql was updated to the security and bugfix release 9.1.3 :\n\n - Require execute permission on the trigger function for 'CREATE TRIGGER' (CVE-2012-0866, bnc#749299).\n\n - Remove arbitrary limitation on length of common name in SSL certificates (CVE-2012-0867, bnc#749301).\n\n - Convert newlines to spaces in names written in pg_dump comments (CVE-2012-0868, bnc#749303).\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html /usr/share/doc/packages/postgresql/HISTORY\n\n - This also fixes bnc#701489.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : postgresql (openSUSE-SU-2012:1173-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libecpg6", "p-cpe:/a:novell:opensuse:libecpg6-debuginfo", "p-cpe:/a:novell:opensuse:libpq5", "p-cpe:/a:novell:opensuse:libpq5-32bit", "p-cpe:/a:novell:opensuse:libpq5-debuginfo", "p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql", "p-cpe:/a:novell:opensuse:postgresql-contrib", "p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-debugsource", "p-cpe:/a:novell:opensuse:postgresql-devel", "p-cpe:/a:novell:opensuse:postgresql-devel-32bit", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:postgresql-libs-debugsource", "p-cpe:/a:novell:opensuse:postgresql-plperl", "p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-plpython", "p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-pltcl", "p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo", "p-cpe:/a:novell:opensuse:postgresql-server", "p-cpe:/a:novell:opensuse:postgresql-server-debuginfo", "cpe:/o:novell:opensuse:12.2"], "id": "OPENSUSE-2012-603.NASL", "href": "https://www.tenable.com/plugins/nessus/74756", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2012-603.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74756);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"openSUSE Security Update : postgresql (openSUSE-SU-2012:1173-1)\");\n script_summary(english:\"Check for the openSUSE-2012-603 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Postgresql was updated to the security and bugfix release 9.1.3 :\n\n - Require execute permission on the trigger function for\n 'CREATE TRIGGER' (CVE-2012-0866, bnc#749299).\n\n - Remove arbitrary limitation on length of common name in\n SSL certificates (CVE-2012-0867, bnc#749301).\n\n - Convert newlines to spaces in names written in pg_dump\n comments (CVE-2012-0868, bnc#749303).\n\n - See the release notes for the rest of the changes:\n http://www.postgresql.org/docs/9.1/static/release.html\n /usr/share/doc/packages/postgresql/HISTORY\n\n - This also fixes bnc#701489.\"\n );\n # http://www.postgresql.org/docs/9.1/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=701489\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749299\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749301\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=749303\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2012-09/msg00060.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libecpg6-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpq5-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-contrib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-libs-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plperl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-plpython-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-pltcl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:postgresql-server-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libecpg6-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libecpg6-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libpq5-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"libpq5-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-contrib-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-contrib-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-debugsource-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-devel-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-devel-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-libs-debugsource-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plperl-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plperl-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plpython-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-plpython-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-pltcl-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-pltcl-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-server-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"postgresql-server-debuginfo-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libpq5-32bit-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"libpq5-debuginfo-32bit-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"postgresql-devel-32bit-9.1.3-7.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", cpu:\"x86_64\", reference:\"postgresql-devel-debuginfo-32bit-9.1.3-7.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-02T14:40:19", "description": "Several local vulnerabilities have been discovered in PostgreSQL, an object-relational SQL database. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2012-0866 It was discovered that the permissions of a function called by a trigger are not checked. This could result in privilege escalation.\n\n - CVE-2012-0867 It was discovered that only the first 32 characters of a host name are checked when validating host names through SSL certificates. This could result in spoofing the connection in limited circumstances.\n\n - CVE-2012-0868 It was discovered that pg_dump did not sanitise object names. This could result in arbitrary SQL command execution if a malformed dump file is opened.", "cvss3": {}, "published": "2012-02-28T00:00:00", "type": "nessus", "title": "Debian DSA-2418-1 : postgresql-8.4 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:postgresql-8.4", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2418.NASL", "href": "https://www.tenable.com/plugins/nessus/58135", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2418. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58135);\n script_version(\"1.14\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"DSA\", value:\"2418\");\n\n script_name(english:\"Debian DSA-2418-1 : postgresql-8.4 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several local vulnerabilities have been discovered in PostgreSQL, an\nobject-relational SQL database. The Common Vulnerabilities and\nExposures project identifies the following problems :\n\n - CVE-2012-0866\n It was discovered that the permissions of a function\n called by a trigger are not checked. This could result\n in privilege escalation.\n\n - CVE-2012-0867\n It was discovered that only the first 32 characters of a\n host name are checked when validating host names through\n SSL certificates. This could result in spoofing the\n connection in limited circumstances.\n\n - CVE-2012-0868\n It was discovered that pg_dump did not sanitise object\n names. This could result in arbitrary SQL command\n execution if a malformed dump file is opened.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0866\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0867\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2012-0868\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/postgresql-8.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2012/dsa-2418\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the postgresql-8.4 packages.\n\nFor the stable distribution (squeeze), this problem has been fixed in\nversion 8.4.11-0squeeze1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-compat3\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-dev\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg6\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpgtypes3\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq-dev\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq5\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plperl-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plpython-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-pltcl-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-server-dev-8.4\", reference:\"8.4.11-0squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:39:10", "description": "Multiple vulnerabilities has been discovered and corrected in postgresql :\n\nPermissions on a function called by a trigger are not properly checked (CVE-2012-0866).\n\nSSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third-party certificate authorities (CVE-2012-0867).\n\nLine breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file (CVE-2012-0868).\n\nThis advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.", "cvss3": {}, "published": "2012-03-01T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : postgresql (MDVSA-2012:026)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64ecpg8.4_6", "p-cpe:/a:mandriva:linux:lib64ecpg9.0_6", "p-cpe:/a:mandriva:linux:lib64pq8.4_5", "p-cpe:/a:mandriva:linux:lib64pq9.0_5", "p-cpe:/a:mandriva:linux:libecpg8.4_6", "p-cpe:/a:mandriva:linux:libecpg9.0_6", "p-cpe:/a:mandriva:linux:libpq8.4_5", "p-cpe:/a:mandriva:linux:libpq9.0_5", "p-cpe:/a:mandriva:linux:postgresql8.4", "p-cpe:/a:mandriva:linux:postgresql8.4-contrib", "p-cpe:/a:mandriva:linux:postgresql8.4-devel", "p-cpe:/a:mandriva:linux:postgresql8.4-docs", "p-cpe:/a:mandriva:linux:postgresql8.4-pl", "p-cpe:/a:mandriva:linux:postgresql8.4-plperl", "p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql", "p-cpe:/a:mandriva:linux:postgresql8.4-plpython", "p-cpe:/a:mandriva:linux:postgresql8.4-pltcl", "p-cpe:/a:mandriva:linux:postgresql8.4-server", "p-cpe:/a:mandriva:linux:postgresql9.0", "p-cpe:/a:mandriva:linux:postgresql9.0-contrib", "p-cpe:/a:mandriva:linux:postgresql9.0-devel", "p-cpe:/a:mandriva:linux:postgresql9.0-docs", "p-cpe:/a:mandriva:linux:postgresql9.0-pl", "p-cpe:/a:mandriva:linux:postgresql9.0-plperl", "p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql", "p-cpe:/a:mandriva:linux:postgresql9.0-plpython", "p-cpe:/a:mandriva:linux:postgresql9.0-pltcl", "p-cpe:/a:mandriva:linux:postgresql9.0-server", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-026.NASL", "href": "https://www.tenable.com/plugins/nessus/58177", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:026. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58177);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"MDVSA\", value:\"2012:026\");\n\n script_name(english:\"Mandriva Linux Security Advisory : postgresql (MDVSA-2012:026)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in\npostgresql :\n\nPermissions on a function called by a trigger are not properly checked\n(CVE-2012-0866).\n\nSSL certificate name checks are truncated to 32 characters, allowing\nconnection spoofing under some circumstances when using third-party\ncertificate authorities (CVE-2012-0867).\n\nLine breaks in object names can be exploited to execute arbitrary SQL\nwhen reloading a pg_dump file (CVE-2012-0868).\n\nThis advisory provides the latest versions of PostgreSQL that is not\nvulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64ecpg8.4_6-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pq8.4_5-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libecpg8.4_6-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpq8.4_5-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-contrib-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-devel-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-docs-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pl-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plperl-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpgsql-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpython-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pltcl-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-server-8.4.11-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ecpg9.0_6-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64pq9.0_5-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libecpg9.0_6-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpq9.0_5-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-contrib-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-devel-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-docs-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pl-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plperl-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpgsql-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpython-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pltcl-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-server-9.0.7-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:19:20", "description": "From Red Hat Security Advisory 2012:0678 :\n\nUpdated postgresql84 and postgresql packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which fixes these issues as well as several data-corruption issues and lesser non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2012-0678)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-test", "p-cpe:/a:oracle:linux:postgresql84", "p-cpe:/a:oracle:linux:postgresql84-contrib", "p-cpe:/a:oracle:linux:postgresql84-devel", "cpe:/o:oracle:linux:6", "p-cpe:/a:oracle:linux:postgresql84-docs", "p-cpe:/a:oracle:linux:postgresql84-libs", "p-cpe:/a:oracle:linux:postgresql84-plperl", "p-cpe:/a:oracle:linux:postgresql84-plpython", "p-cpe:/a:oracle:linux:postgresql84-pltcl", "p-cpe:/a:oracle:linux:postgresql84-python", "p-cpe:/a:oracle:linux:postgresql84-server", "p-cpe:/a:oracle:linux:postgresql84-tcl", "p-cpe:/a:oracle:linux:postgresql84-test", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2012-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/68529", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2012:0678 and \n# Oracle Linux Security Advisory ELSA-2012-0678 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68529);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0678\");\n\n script_name(english:\"Oracle Linux 5 / 6 : postgresql / postgresql84 (ELSA-2012-0678)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2012:0678 :\n\nUpdated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002826.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2012-May/002832.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql and / or postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:20:53", "description": "Versions of PostgreSQL earlier than 9.1.3, 9.0.7, 8.4.11 and are potentially affected by the following vulnerabilities :\n\n - Permissions on a function called by a trigger are not properly checked. (CVE-2012-0866)\n\n - SSL certificate name checks are truncated to 32 characters, allowing connection spoofing under some circumstances when using third party certificates. (CVE-2012-0867)\n\n - Line breaks in object names can be exploited to execute arbitrary SQL when reloading a pg_dump file. (CVE-2012-0868)", "cvss3": {}, "published": "2012-02-28T00:00:00", "type": "nessus", "title": "PostgreSQL < 9.1.3 / 9.0.7 / 8.4.11 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:postgresql:postgresql"], "id": "6337.PRM", "href": "https://www.tenable.com/plugins/nnm/6337", "sourceData": "Binary data 6337.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:08:33", "description": "Update to latest Postgres releases --- resolves some security and data loss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "nessus", "title": "Fedora 17 : postgresql-9.1.3-1.fc17 (2012-2508)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2012-2508.NASL", "href": "https://www.tenable.com/plugins/nessus/58257", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-2508.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58257);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"FEDORA\", value:\"2012-2508\");\n\n script_name(english:\"Fedora 17 : postgresql-9.1.3-1.fc17 (2012-2508)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-7.html\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074606.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cbad45ba\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"postgresql-9.1.3-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:38:49", "description": "The PostgreSQL Global Development Group reports :\n\nThese vulnerabilities could allow users to define triggers that execute functions on which the user does not have EXECUTE permission, allow SSL certificate spoofing and allow line breaks in object names to be exploited to execute code when loading a pg_dump file.", "cvss3": {}, "published": "2012-02-29T00:00:00", "type": "nessus", "title": "FreeBSD : databases/postgresql*-client -- multiple vulnerabilities (174b8864-6237-11e1-be18-14dae938ec40)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:postgresql-client", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_174B8864623711E1BE1814DAE938EC40.NASL", "href": "https://www.tenable.com/plugins/nessus/58162", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58162);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"FreeBSD : databases/postgresql*-client -- multiple vulnerabilities (174b8864-6237-11e1-be18-14dae938ec40)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The PostgreSQL Global Development Group reports :\n\nThese vulnerabilities could allow users to define triggers that\nexecute functions on which the user does not have EXECUTE permission,\nallow SSL certificate spoofing and allow line breaks in object names\nto be exploited to execute code when loading a pg_dump file.\"\n );\n # http://www.postgresql.org/about/news/1377/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/about/news/1377/\"\n );\n # https://vuxml.freebsd.org/freebsd/174b8864-6237-11e1-be18-14dae938ec40.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?67570833\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:postgresql-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/02/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client<8.3.18\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client>=8.4<8.4.11\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client>=9<9.0.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"postgresql-client>=9.1<9.1.3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:40:30", "description": "Update to latest Postgres releases --- resolves some security and data loss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-03-08T00:00:00", "type": "nessus", "title": "Fedora 15 : postgresql-9.0.7-1.fc15 (2012-2589)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:postgresql", "cpe:/o:fedoraproject:fedora:15"], "id": "FEDORA_2012-2589.NASL", "href": "https://www.tenable.com/plugins/nessus/58281", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2012-2589.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58281);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"FEDORA\", value:\"2012-2589\");\n\n script_name(english:\"Fedora 15 : postgresql-9.0.7-1.fc15 (2012-2589)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to latest Postgres releases --- resolves some security and data\nloss bugs http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\nhttp://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://www.postgresql.org/docs/9.0/static/release-9-0-7.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-7.html\"\n );\n # http://www.postgresql.org/docs/9.1/static/release-9-1-3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.1/release-9-1-3.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797222\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797915\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=797917\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2012-March/074715.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?10610e11\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:15\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^15([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 15.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC15\", reference:\"postgresql-9.0.7-1.fc15\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T16:00:15", "description": "It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. (CVE-2012-0866)\n\nIt was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32 characters. If a host name was exactly 32 characters, this issue could be exploited by an attacker to spoof the SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2012-0867)\n\nIt was discovered that the PostgreSQL pg_dump utility incorrectly filtered line breaks in object names. An attacker could create object names that execute arbitrary SQL commands when a dump script is reloaded. (CVE-2012-0868).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2012-02-29T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1378-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3", "p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4", "p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:11.04", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:8.04:-:lts"], "id": "UBUNTU_USN-1378-1.NASL", "href": "https://www.tenable.com/plugins/nessus/58168", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1378-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(58168);\n script_version(\"1.12\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"USN\", value:\"1378-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 / 11.10 : postgresql-8.3, postgresql-8.4, postgresql-9.1 vulnerabilities (USN-1378-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that PostgreSQL incorrectly checked permissions on\nfunctions called by a trigger. An attacker could attach a trigger to a\ntable they owned and possibly escalate privileges. (CVE-2012-0866)\n\nIt was discovered that PostgreSQL incorrectly truncated SSL\ncertificate name checks to 32 characters. If a host name was exactly\n32 characters, this issue could be exploited by an attacker to spoof\nthe SSL certificate. This issue affected Ubuntu 10.04 LTS, Ubuntu\n10.10, Ubuntu 11.04 and Ubuntu 11.10. (CVE-2012-0867)\n\nIt was discovered that the PostgreSQL pg_dump utility incorrectly\nfiltered line breaks in object names. An attacker could create object\nnames that execute arbitrary SQL commands when a dump script is\nreloaded. (CVE-2012-0868).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1378-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected postgresql-8.3, postgresql-8.4 and / or\npostgresql-9.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/02/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2012-2019 Canonical, Inc. / NASL script (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04|11\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04 / 11.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"postgresql-8.3\", pkgver:\"8.3.18-0ubuntu0.8.04\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.11-0ubuntu0.10.04\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.11-0ubuntu0.10.10\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.11-0ubuntu0.11.04\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"postgresql-9.1\", pkgver:\"9.1.3-0ubuntu0.11.10\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql-8.3 / postgresql-8.4 / postgresql-9.1\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:46:46", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which fixes these issues as well as several data-corruption issues and lesser non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120521)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:postgresql", "p-cpe:/a:fermilab:scientific_linux:postgresql-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql-server", "p-cpe:/a:fermilab:scientific_linux:postgresql-test", "p-cpe:/a:fermilab:scientific_linux:postgresql84", "p-cpe:/a:fermilab:scientific_linux:postgresql84-contrib", "p-cpe:/a:fermilab:scientific_linux:postgresql84-debuginfo", "p-cpe:/a:fermilab:scientific_linux:postgresql84-devel", "p-cpe:/a:fermilab:scientific_linux:postgresql84-docs", "p-cpe:/a:fermilab:scientific_linux:postgresql84-libs", "p-cpe:/a:fermilab:scientific_linux:postgresql84-plperl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-plpython", "p-cpe:/a:fermilab:scientific_linux:postgresql84-pltcl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-python", "p-cpe:/a:fermilab:scientific_linux:postgresql84-server", "p-cpe:/a:fermilab:scientific_linux:postgresql84-tcl", "p-cpe:/a:fermilab:scientific_linux:postgresql84-test", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20120521_POSTGRESQL_AND_POSTGRESQL84_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61316", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61316);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql and postgresql84 on SL5.x, SL6.x i386/x86_64 (20120521)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1205&L=scientific-linux-errata&T=0&P=973\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d76d0787\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-debuginfo-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-debuginfo-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:42:58", "description": "Updated postgresql84 and postgresql packages that fix three security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nThe pg_dump utility inserted object names literally into comments in the SQL script it produces. An unprivileged database user could create an object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during later restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only checked the first 31 characters of the certificate's Common Name field. Depending on the configuration, this could allow an attacker to impersonate a server or a client using a certificate from a trusted Certificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function to be called. This could possibly allow an authenticated database user to call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which fixes these issues as well as several data-corruption issues and lesser non-security issues. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct these issues. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-05-22T00:00:00", "type": "nessus", "title": "CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:0678)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-plperl", "p-cpe:/a:centos:centos:postgresql-plpython", "p-cpe:/a:centos:centos:postgresql-pltcl", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-test", "p-cpe:/a:centos:centos:postgresql84", "p-cpe:/a:centos:centos:postgresql84-contrib", "p-cpe:/a:centos:centos:postgresql84-devel", "p-cpe:/a:centos:centos:postgresql84-docs", "p-cpe:/a:centos:centos:postgresql84-libs", "p-cpe:/a:centos:centos:postgresql84-plperl", "p-cpe:/a:centos:centos:postgresql84-plpython", "p-cpe:/a:centos:centos:postgresql84-pltcl", "p-cpe:/a:centos:centos:postgresql84-python", "p-cpe:/a:centos:centos:postgresql84-server", "p-cpe:/a:centos:centos:postgresql84-tcl", "p-cpe:/a:centos:centos:postgresql84-test", "cpe:/o:centos:centos:5", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2012-0678.NASL", "href": "https://www.tenable.com/plugins/nessus/59214", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2012:0678 and \n# CentOS Errata and Security Advisory 2012:0678 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59214);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_bugtraq_id(52188);\n script_xref(name:\"RHSA\", value:\"2012:0678\");\n\n script_name(english:\"CentOS 5 / 6 : postgresql / postgresql84 (CESA-2012:0678)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 and postgresql packages that fix three security\nissues are now available for Red Hat Enterprise Linux 5 and 6\nrespectively.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nThe pg_dump utility inserted object names literally into comments in\nthe SQL script it produces. An unprivileged database user could create\nan object whose name includes a newline followed by a SQL command.\nThis SQL command might then be executed by a privileged user during\nlater restore of the backup dump, allowing privilege escalation.\n(CVE-2012-0868)\n\nWhen configured to do SSL certificate verification, PostgreSQL only\nchecked the first 31 characters of the certificate's Common Name\nfield. Depending on the configuration, this could allow an attacker to\nimpersonate a server or a client using a certificate from a trusted\nCertificate Authority issued for a different name. (CVE-2012-0867)\n\nCREATE TRIGGER did not do a permissions check on the trigger function\nto be called. This could possibly allow an authenticated database user\nto call a privileged trigger function on data of their choosing.\n(CVE-2012-0866)\n\nThese updated packages upgrade PostgreSQL to version 8.4.11, which\nfixes these issues as well as several data-corruption issues and\nlesser non-security issues. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct these issues. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-May/018648.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fcf0109b\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2012-May/018650.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b2e4df4e\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql and / or postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2012-0868\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/07/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/05/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/05/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x / 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-contrib-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-devel-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-docs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-libs-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plperl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plpython-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-pltcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-python-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-server-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-tcl-8.4.11-1.el5_8\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-test-8.4.11-1.el5_8\")) flag++;\n\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-contrib-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-devel-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-docs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-libs-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-plperl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-plpython-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-pltcl-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-server-8.4.11-1.el6_2\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"postgresql-test-8.4.11-1.el6_2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:41:44", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2011-08-20T00:00:00", "type": "nessus", "title": "SuSE9 Security Update : glibc suite (YOU Patch Number 12813)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE9_12813.NASL", "href": "https://www.tenable.com/plugins/nessus/55918", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55918);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE9 Security Update : glibc suite (YOU Patch Number 12813)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 9 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply YOU patch number 12813.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 9 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-devel-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-html-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-i18ndata-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-info-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-locale-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"glibc-profile-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libxcrypt-2.1.90-61.6\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"libxcrypt-devel-2.1.90-61.6\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"nscd-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"pam-modules-9-18.21\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"pwdutils-2.6.4-2.34\")) flag++;\nif (rpm_check(release:\"SUSE9\", reference:\"timezone-2.3.3-98.123\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"glibc-32bit-9-201108011005\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-9-201107291651\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-9-201107291651\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"libxcrypt-32bit-9-201107291733\")) flag++;\nif (rpm_check(release:\"SUSE9\", cpu:\"x86_64\", reference:\"pam-modules-32bit-9-201107291830\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:09:16", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2012-04-03T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : glibc (ZYPP Patch Number 7663)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GLIBC-BLOWFISH-7663.NASL", "href": "https://www.tenable.com/plugins/nessus/58576", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(58576);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 10 Security Update : glibc (ZYPP Patch Number 7663)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7663.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/04/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-devel-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-html-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-i18ndata-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-info-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"glibc-locale-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"libxcrypt-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"nscd-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"pam-modules-10-2.17.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"pwdutils-3.0.7.1-17.36.2\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"libxcrypt-32bit-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:4, cpu:\"x86_64\", reference:\"pam-modules-32bit-10-2.17.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-devel-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-html-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-i18ndata-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-info-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-locale-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"glibc-profile-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"libxcrypt-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"libxcrypt-devel-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"nscd-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"pam-modules-10-2.17.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"pwdutils-3.0.7.1-17.36.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"pwdutils-plugin-audit-3.0.7.1-17.36.2\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.4-31.93.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"libxcrypt-32bit-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, cpu:\"x86_64\", reference:\"pam-modules-32bit-10-2.17.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:26:46", "description": "Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2011-10-19T00:00:00", "type": "nessus", "title": "CentOS 5 : postgresql84 (CESA-2011:1378)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql84", "p-cpe:/a:centos:centos:postgresql84-contrib", "p-cpe:/a:centos:centos:postgresql84-devel", "p-cpe:/a:centos:centos:postgresql84-docs", "p-cpe:/a:centos:centos:postgresql84-libs", "p-cpe:/a:centos:centos:postgresql84-plperl", "p-cpe:/a:centos:centos:postgresql84-plpython", "p-cpe:/a:centos:centos:postgresql84-pltcl", "p-cpe:/a:centos:centos:postgresql84-python", "p-cpe:/a:centos:centos:postgresql84-server", "p-cpe:/a:centos:centos:postgresql84-tcl", "p-cpe:/a:centos:centos:postgresql84-test", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-1378.NASL", "href": "https://www.tenable.com/plugins/nessus/56536", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1378 and \n# CentOS Errata and Security Advisory 2011:1378 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56536);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"RHSA\", value:\"2011:1378\");\n\n script_name(english:\"CentOS 5 : postgresql84 (CESA-2011:1378)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version\n8.4.9. Refer to the PostgreSQL Release Notes for a full list of\nchanges :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018117.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2b316f37\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018118.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fdea9f51\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-contrib-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-devel-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-docs-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-libs-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plperl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-plpython-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-pltcl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-python-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-server-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-tcl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql84-test-8.4.9-1.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql84 / postgresql84-contrib / postgresql84-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:27:07", "description": "Updated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2011-10-18T00:00:00", "type": "nessus", "title": "RHEL 5 : postgresql84 (RHSA-2011:1378)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql84", "p-cpe:/a:redhat:enterprise_linux:postgresql84-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql84-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql84-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql84-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql84-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql84-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-python", "p-cpe:/a:redhat:enterprise_linux:postgresql84-server", "p-cpe:/a:redhat:enterprise_linux:postgresql84-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql84-test", "cpe:/o:redhat:enterprise_linux:5"], "id": "REDHAT-RHSA-2011-1378.NASL", "href": "https://www.tenable.com/plugins/nessus/56534", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1378. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56534);\n script_version(\"1.18\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"RHSA\", value:\"2011:1378\");\n\n script_name(english:\"RHEL 5 : postgresql84 (RHSA-2011:1378)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql84 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version\n8.4.9. Refer to the PostgreSQL Release Notes for a full list of\nchanges :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2483\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1378\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1378\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-contrib-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-contrib-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-contrib-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-devel-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-docs-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-docs-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-docs-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql84-libs-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-plperl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-plperl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-plperl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-plpython-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-plpython-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-plpython-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-pltcl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-pltcl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-pltcl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-python-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-python-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-python-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-server-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-server-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-server-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-tcl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-tcl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-tcl-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql84-test-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql84-test-8.4.9-1.el5_7.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql84-test-8.4.9-1.el5_7.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql84 / postgresql84-contrib / postgresql84-devel / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:11:10", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : glibc (openSUSE-SU-2011:0921-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:glibc", "p-cpe:/a:novell:opensuse:glibc-32bit", "p-cpe:/a:novell:opensuse:glibc-debuginfo", "p-cpe:/a:novell:opensuse:glibc-debuginfo-32bit", "p-cpe:/a:novell:opensuse:glibc-debugsource", "p-cpe:/a:novell:opensuse:glibc-devel", "p-cpe:/a:novell:opensuse:glibc-devel-32bit", "p-cpe:/a:novell:opensuse:glibc-devel-debuginfo", "p-cpe:/a:novell:opensuse:glibc-devel-debuginfo-32bit", "p-cpe:/a:novell:opensuse:glibc-html", "p-cpe:/a:novell:opensuse:glibc-i18ndata", "p-cpe:/a:novell:opensuse:glibc-info", "p-cpe:/a:novell:opensuse:glibc-locale", "p-cpe:/a:novell:opensuse:glibc-locale-32bit", "p-cpe:/a:novell:opensuse:glibc-locale-debuginfo", "p-cpe:/a:novell:opensuse:glibc-locale-debuginfo-32bit", "p-cpe:/a:novell:opensuse:glibc-obsolete", "p-cpe:/a:novell:opensuse:glibc-obsolete-debuginfo", "p-cpe:/a:novell:opensuse:glibc-profile", "p-cpe:/a:novell:opensuse:glibc-profile-32bit", "p-cpe:/a:novell:opensuse:libxcrypt", "p-cpe:/a:novell:opensuse:libxcrypt-32bit", "p-cpe:/a:novell:opensuse:libxcrypt-debuginfo", "p-cpe:/a:novell:opensuse:libxcrypt-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxcrypt-debugsource", "p-cpe:/a:novell:opensuse:libxcrypt-devel", "p-cpe:/a:novell:opensuse:nscd", "p-cpe:/a:novell:opensuse:nscd-debuginfo", "p-cpe:/a:novell:opensuse:pam-modules", "p-cpe:/a:novell:opensuse:pam-modules-32bit", "p-cpe:/a:novell:opensuse:pam-modules-debuginfo", "p-cpe:/a:novell:opensuse:pam-modules-debuginfo-32bit", "p-cpe:/a:novell:opensuse:pam-modules-debugsource", "p-cpe:/a:novell:opensuse:pwdutils", "p-cpe:/a:novell:opensuse:pwdutils-debuginfo", "p-cpe:/a:novell:opensuse:pwdutils-debugsource", "p-cpe:/a:novell:opensuse:pwdutils-plugin-audit", "p-cpe:/a:novell:opensuse:pwdutils-plugin-audit-debuginfo", "p-cpe:/a:novell:opensuse:pwdutils-rpasswd", "p-cpe:/a:novell:opensuse:pwdutils-rpasswd-32bit", "p-cpe:/a:novell:opensuse:pwdutils-rpasswd-debuginfo", "p-cpe:/a:novell:opensuse:pwdutils-rpasswd-debuginfo-32bit", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_GLIBC-110729.NASL", "href": "https://www.tenable.com/plugins/nessus/75852", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update glibc-4943.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75852);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : glibc (openSUSE-SU-2011:0921-1)\");\n script_summary(english:\"Check for the glibc-4943 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-devel-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-locale-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-locale-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-obsolete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-obsolete-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nscd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-plugin-audit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-plugin-audit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-rpasswd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-rpasswd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-rpasswd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-rpasswd-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-debuginfo-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-debugsource-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-devel-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-devel-debuginfo-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-html-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-i18ndata-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-info-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-locale-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-locale-debuginfo-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-obsolete-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-obsolete-debuginfo-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"glibc-profile-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-3.0.3-9.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-debuginfo-3.0.3-9.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-debugsource-3.0.3-9.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-devel-3.0.3-9.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"nscd-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"nscd-debuginfo-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pam-modules-11.4-3.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pam-modules-debuginfo-11.4-3.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pam-modules-debugsource-11.4-3.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-debuginfo-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-debugsource-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-plugin-audit-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-plugin-audit-debuginfo-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-rpasswd-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"pwdutils-rpasswd-debuginfo-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-debuginfo-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-devel-debuginfo-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-locale-debuginfo-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.3-12.17.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-9.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libxcrypt-debuginfo-32bit-3.0.3-9.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"pam-modules-32bit-11.4-3.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"pam-modules-debuginfo-32bit-11.4-3.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"pwdutils-rpasswd-32bit-3.2.14-4.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"pwdutils-rpasswd-debuginfo-32bit-3.2.14-4.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-32bit / glibc-devel / glibc-devel-32bit / glibc-html / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:11:07", "description": "This update contains yast2 core changes to change the hash generation of new passwords to the new secure style.\n\nPlease read the general notes below :\n\nThe implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : yast2-core (openSUSE-SU-2011:0921-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:yast2-core", "p-cpe:/a:novell:opensuse:yast2-core-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_YAST2-CORE-110822.NASL", "href": "https://www.tenable.com/plugins/nessus/75781", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update yast2-core-5028.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75781);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : yast2-core (openSUSE-SU-2011:0921-2)\");\n script_summary(english:\"Check for the yast2-core-5028 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains yast2 core changes to change the hash generation\nof new passwords to the new secure style.\n\nPlease read the general notes below :\n\nThe implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by\ndefault: $2x -> buggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yast2-core packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:yast2-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:yast2-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"yast2-core-2.19.4-0.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"yast2-core-devel-2.19.4-0.2.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yast2-core\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:24:41", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : glibc (ZYPP Patch Number 7663) (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2013-12-05T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GLIBC-7663.NASL", "href": "https://www.tenable.com/plugins/nessus/57202", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\n# @DEPRECATED@\n#\n# This script has been deprecated as it duplicates plugin #58576\n# (suse_glibc-blowfish-7663.nasl).\n#\n# Disabled on 2013/12/05.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(57202);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/20 0:18:55\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 10 Security Update : glibc (ZYPP Patch Number 7663) (deprecated)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7663.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n# Deprecated.\nexit(0, \"The plugin duplicates #58576 (suse_glibc-blowfish-7663.nasl).\");\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif ( rpm_check( reference:\"glibc-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-html-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-info-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-profile-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-2.4-12.9.4\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-devel-2.4-12.9.4\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"nscd-2.4-31.93.1\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"pam-modules-10-2.17.4\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.0.7.1-17.36.2\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"pwdutils-plugin-audit-3.0.7.1-17.36.2\", release:\"SLES10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-html-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-info-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-2.4-12.9.4\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"nscd-2.4-31.93.1\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"pam-modules-10-2.17.4\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.0.7.1-17.36.2\", release:\"SLED10\", cpu:\"i586\", sp: 4) ) flag ++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:21:08", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2012-02-06T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : glibc (SAT Patch Number 4944) (deprecated)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2013-12-05T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:glibc", "p-cpe:/a:novell:suse_linux:11:glibc-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-devel", "p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-html", "p-cpe:/a:novell:suse_linux:11:glibc-i18ndata", "p-cpe:/a:novell:suse_linux:11:glibc-info", "p-cpe:/a:novell:suse_linux:11:glibc-locale", "p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-profile", "p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit", "p-cpe:/a:novell:suse_linux:11:libxcrypt", "p-cpe:/a:novell:suse_linux:11:libxcrypt-32bit", "p-cpe:/a:novell:suse_linux:11:nscd", "p-cpe:/a:novell:suse_linux:11:pam-modules", "p-cpe:/a:novell:suse_linux:11:pam-modules-32bit", "p-cpe:/a:novell:suse_linux:11:pwdutils", "p-cpe:/a:novell:suse_linux:11:pwdutils-plugin-audit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GLIBC-110729.NASL", "href": "https://www.tenable.com/plugins/nessus/55919", "sourceData": "#%NASL_MIN_LEVEL 999999\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\n# @DEPRECATED@\n#\n# This script has been deprecated as it has been replaced by\n# suse_11_glibc-blowfish-110729.nasl.\n#\n# Disabled on 2013/12/05.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(55919);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/20 0:18:55\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 11.1 Security Update : glibc (SAT Patch Number 4944) (deprecated)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=645140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=680833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4944.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pam-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pam-modules-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pwdutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pwdutils-plugin-audit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/06\");\n\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\n# Deprecated.\nexit(0, \"The plugin duplicates plugin #57839 (suse_11_glibc-blowfish-110729.nasl)\");\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\nflag = 0;\n\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i686\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i686\") ) flag ++;\nif ( rpm_check( reference:\"glibc-html-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-info-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-profile-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-3.0.3-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"nscd-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-11-1.18.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.2.8-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-plugin-audit-3.2.8-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-html-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-info-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-profile-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-profile-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-3.0.3-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-32bit-3.0.3-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"nscd-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-11-1.18.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-32bit-11-1.18.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.2.8-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-plugin-audit-3.2.8-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-html-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-info-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-profile-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-profile-32bit-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-3.0.3-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-32bit-3.0.3-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"nscd-2.11.1-0.32.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-11-1.18.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-32bit-11-1.18.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.2.8-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-plugin-audit-3.2.8-0.4.1\", release:\"SLES11\", sp: 1, cpu:\"s390x\") ) flag ++;\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i686\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i686\") ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-3.0.3-0.4.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"nscd-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-11-1.18.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.2.8-0.4.1\", release:\"SLED11\", sp: 1, cpu:\"i586\") ) flag ++;\nif ( rpm_check( reference:\"glibc-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-32bit-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-devel-32bit-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-i18ndata-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"glibc-locale-32bit-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-3.0.3-0.4.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"libxcrypt-32bit-3.0.3-0.4.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"nscd-2.11.1-0.32.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-11-1.18.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pam-modules-32bit-11-1.18.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\nif ( rpm_check( reference:\"pwdutils-3.2.8-0.4.1\", release:\"SLED11\", sp: 1, cpu:\"x86_64\") ) flag ++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:42:20", "description": "Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nFor Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Red Hat Enterprise Linux 4 and 5, the updated postgresql packages contain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2011-10-18T00:00:00", "type": "nessus", "title": "RHEL 4 / 5 / 6 : postgresql (RHSA-2011:1377)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:postgresql", "p-cpe:/a:redhat:enterprise_linux:postgresql-contrib", "p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo", "p-cpe:/a:redhat:enterprise_linux:postgresql-devel", "p-cpe:/a:redhat:enterprise_linux:postgresql-docs", "p-cpe:/a:redhat:enterprise_linux:postgresql-jdbc", "p-cpe:/a:redhat:enterprise_linux:postgresql-libs", "p-cpe:/a:redhat:enterprise_linux:postgresql-pl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plperl", "p-cpe:/a:redhat:enterprise_linux:postgresql-plpython", "p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-python", "p-cpe:/a:redhat:enterprise_linux:postgresql-server", "p-cpe:/a:redhat:enterprise_linux:postgresql-tcl", "p-cpe:/a:redhat:enterprise_linux:postgresql-test", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.1"], "id": "REDHAT-RHSA-2011-1377.NASL", "href": "https://www.tenable.com/plugins/nessus/56533", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1377. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56533);\n script_version(\"1.19\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"RHSA\", value:\"2011:1377\");\n\n script_name(english:\"RHEL 4 / 5 / 6 : postgresql (RHSA-2011:1377)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nFor Red Hat Enterprise Linux 6, the updated postgresql packages\nupgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release\nNotes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Red Hat Enterprise Linux 4 and 5, the updated postgresql packages\ncontain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2011-2483\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:1377\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 4.x / 5.x / 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2011:1377\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-contrib-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-devel-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-docs-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-jdbc-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-libs-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-pl-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-python-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-server-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-tcl-7.4.30-3.el4\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"postgresql-test-7.4.30-3.el4\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-contrib-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-contrib-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-devel-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-docs-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-docs-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-docs-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"postgresql-libs-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-pl-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-pl-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-pl-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-python-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-python-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-python-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-server-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-server-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-server-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-tcl-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-tcl-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-tcl-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"postgresql-test-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"postgresql-test-8.1.23-1.el5_7.2\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"postgresql-test-8.1.23-1.el5_7.2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-contrib-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-contrib-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-contrib-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-debuginfo-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-devel-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-docs-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-docs-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-docs-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"postgresql-libs-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plperl-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plperl-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plperl-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-plpython-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-plpython-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-plpython-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-pltcl-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-pltcl-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-pltcl-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-server-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-server-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-server-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"postgresql-test-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"postgresql-test-8.4.9-1.el6_1.1\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"postgresql-test-8.4.9-1.el6_1.1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n }\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:10:04", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : glibc (openSUSE-SU-2011:0921-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:glibc-obsolete", "p-cpe:/a:novell:opensuse:glibc-profile", "p-cpe:/a:novell:opensuse:glibc-profile-32bit", "p-cpe:/a:novell:opensuse:libxcrypt", "p-cpe:/a:novell:opensuse:libxcrypt-32bit", "p-cpe:/a:novell:opensuse:libxcrypt-devel", "p-cpe:/a:novell:opensuse:nscd", "p-cpe:/a:novell:opensuse:glibc", "p-cpe:/a:novell:opensuse:glibc-32bit", "p-cpe:/a:novell:opensuse:glibc-devel", "p-cpe:/a:novell:opensuse:glibc-devel-32bit", "p-cpe:/a:novell:opensuse:glibc-html", "p-cpe:/a:novell:opensuse:glibc-i18ndata", "p-cpe:/a:novell:opensuse:glibc-info", "p-cpe:/a:novell:opensuse:glibc-locale", "p-cpe:/a:novell:opensuse:glibc-locale-32bit", "p-cpe:/a:novell:opensuse:pam-modules", "p-cpe:/a:novell:opensuse:pam-modules-32bit", "p-cpe:/a:novell:opensuse:pwdutils", "p-cpe:/a:novell:opensuse:pwdutils-plugin-audit", "p-cpe:/a:novell:opensuse:pwdutils-rpasswd", "p-cpe:/a:novell:opensuse:pwdutils-rpasswd-32bit", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_GLIBC-110729.NASL", "href": "https://www.tenable.com/plugins/nessus/75519", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update glibc-4943.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75519);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : glibc (openSUSE-SU-2011:0921-1)\");\n script_summary(english:\"Check for the glibc-4943 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by\ndefault: $2x -> buggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00027.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected glibc packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-obsolete\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pam-modules-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-plugin-audit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-rpasswd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:pwdutils-rpasswd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-devel-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-html-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-i18ndata-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-info-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-locale-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-obsolete-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"glibc-profile-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libxcrypt-3.0.3-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libxcrypt-devel-3.0.3-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"nscd-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"pam-modules-11.3-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"pwdutils-3.2.10-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"pwdutils-plugin-audit-3.2.10-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"pwdutils-rpasswd-3.2.10-2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"glibc-32bit-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.2-3.5.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"pam-modules-32bit-11.3-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"pwdutils-rpasswd-32bit-3.2.10-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"glibc / glibc-32bit / glibc-devel / glibc-devel-32bit / glibc-html / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:47:11", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nFor Scientific Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Scientific Linux 4 and 5, the updated postgresql packages contain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql on SL4.x, SL5.x, SL6.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111017_POSTGRESQL_ON_SL4_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61155", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61155);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql on SL4.x, SL5.x, SL6.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nFor Scientific Linux 6, the updated postgresql packages upgrade\nPostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for\na full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Scientific Linux 4 and 5, the updated postgresql packages contain\na backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1110&L=scientific-linux-errata&T=0&P=1584\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?98aeaf38\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-contrib-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-debuginfo-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-devel-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-docs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-jdbc-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-libs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-pl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-python-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-server-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-tcl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"SL4\", reference:\"postgresql-test-7.4.30-3.el4\")) flag++;\n\nif (rpm_check(release:\"SL5\", reference:\"postgresql-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-contrib-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-debuginfo-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-devel-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-docs-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-libs-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-pl-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-python-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-server-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-tcl-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql-test-8.1.23-1.el5_7.2\")) flag++;\n\nif (rpm_check(release:\"SL6\", reference:\"postgresql-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-contrib-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-debuginfo-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-devel-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-docs-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-libs-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plperl-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-plpython-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-pltcl-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-server-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"postgresql-test-8.4.9-1.el6_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:28:09", "description": "A vulnerability was discovered and fixed in php-suhosin :\n\ncrypt_blowfish before 1.1, as used in suhosin does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash (CVE-2011-2483).\n\nThe updated packages have been patched to correct this issue.", "cvss3": {}, "published": "2011-11-29T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : php-suhosin (MDVSA-2011:180)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:php-suhosin", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2011-180.NASL", "href": "https://www.tenable.com/plugins/nessus/56968", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:180. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56968);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"MDVSA\", value:\"2011:180\");\n\n script_name(english:\"Mandriva Linux Security Advisory : php-suhosin (MDVSA-2011:180)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandriva Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and fixed in php-suhosin :\n\ncrypt_blowfish before 1.1, as used in suhosin does not properly handle\n8-bit characters, which makes it easier for context-dependent\nattackers to determine a cleartext password by leveraging knowledge of\na password hash (CVE-2011-2483).\n\nThe updated packages have been patched to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected php-suhosin package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", reference:\"php-suhosin-0.9.32.1-0.6mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", reference:\"php-suhosin-0.9.32.1-9.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:24:58", "description": "The security update for CVE-2011-2483 broke changing blowfish passwords if compat mode was turned on (default). This update fixes the regression.", "cvss3": {}, "published": "2011-08-31T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : libxcrypt (SAT Patch Number 5041)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:libxcrypt", "p-cpe:/a:novell:suse_linux:11:libxcrypt-32bit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_LIBXCRYPT-110824.NASL", "href": "https://www.tenable.com/plugins/nessus/56018", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56018);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 11.1 Security Update : libxcrypt (SAT Patch Number 5041)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The security update for CVE-2011-2483 broke changing blowfish\npasswords if compat mode was turned on (default). This update fixes\nthe regression.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=713727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5041.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libxcrypt-3.0.3-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libxcrypt-3.0.3-0.6.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-0.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libxcrypt-3.0.3-0.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libxcrypt-32bit-3.0.3-0.6.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-0.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:26:55", "description": "This update of yast2-core fixes security issues, bugs, and adds a debugging feature.", "cvss3": {}, "published": "2011-10-24T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : yast2-core (ZYPP Patch Number 7725)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_YAST2-CORE-7725.NASL", "href": "https://www.tenable.com/plugins/nessus/56619", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56619);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 10 Security Update : yast2-core (ZYPP Patch Number 7725)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of yast2-core fixes security issues, bugs, and adds a\ndebugging feature.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7725.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"yast2-core-2.13.48-0.5.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"yast2-core-devel-2.13.48-0.5.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:14:05", "description": "- update to 5.0.26 [bnc#848594]\n\n - Added the .cf TLD server.\n\n - Updated the .bi TLD server.\n\n - Added a new ASN allocation.\n\n - includes changes from 5.0.25\n\n - Added the .ax, .bn, .iq, .pw and .rw TLD servers.\n\n - Updated one or more translations.\n\n - includes updates changes 5.0.24 :\n\n - Merged documentation fixes and the whois.conf(5) man page\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.23\n\n - whois.nic.or.kr switched from EUC-KR to UTF-8.\n\n - includes changes from 5.0.22\n\n - Fixed cross-compiling\n\n - includes changes from 5.0.21\n\n - Fixed parsing of 6to4 addresses\n\n - Added the .xn--j1amh (.&Ntilde;&#131;&ETH;&ordm;&Ntilde;&#128;, Ukraine) TLD server.\n\n - Updated the .bi, .se and .vn TLD servers.\n\n - Removed whois.pandi.or.id from the list of servers which support the RIPE extensions, since it does not anymore and queries are broken.\n\n - Updated some disclaimer suppression strings.\n\n - Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling.\n\n - includes changes form 5.0.20\n\n - Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD servers.\n\n - Added the .bw, .td, .xn--mgb9awbf (&Oslash;&sup1;&Ugrave;&#133;&Oslash;&sect;&Ugrave;&#134 ;., Oman), .xn--mgberp4a5d4ar (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop y;, Saudi Arabia) and .xn--mgbx4cd0ab (&iuml;&raquo;&cent;&iuml;&raquo;&nbsp;&iuml;&raquo;&acu te;&iuml;&ordm;&acute;&iuml;&raquo;&sup3;&iuml;&ordm;&#1 41;., Malaysia) TLD servers.\n\n - Removed the .kp, .mc, .rw and .xn--mgba3a4f16a (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec t;&Ugrave;&#134;., Iran) TLD servers.\n\n - includes changes from 5.0.19\n\n - Added the .post TLD server.\n\n - Updated the .co.za SLD servers.\n\n - Added the .alt.za, .net.za and .web.za SLD servers.\n\n - whois.ua changed (?) the encoding to utf-8.\n\n - Fixed the parsing of 6to4 addresses like whois 2002:xxxx::.\n\n - includes changes from 5.0.18\n\n - Updated the .ae and .xn--mgbaam7a8h (.&Oslash;&sect;&Ugrave;&#133;&Oslash;&sect;&Oslash;&plu smn;&Oslash;&sect;&Oslash;&ordf;, United Arabs Emirates) TLDs.\n\n - Updated the server charset table for .fr and .it.\n\n - includes changes from whois 5.0.17\n\n - Updated the .bi, .fo, .gr and .gt TLD servers.\n\n - Removed support for recursion of .org queries, it has been a thick registry since 2005.\n\n - includes changes from 5.0.16\n\n - Added the .xn--80ao21a (.&Ograve;&#154;&ETH;&#144;&ETH;&#151;, Kazakhstan) TLD server.\n\n - Updated the .ec and .ee TLD servers.\n\n - Removed the .xn--mgbc0a9azcg (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord m;&Oslash;&plusmn;&Oslash;&uml;, Morocco) and .xn--mgberp4a5d4ar (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop y;, Saudi Arabia) TLD servers.\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.15\n\n - Added the .xn--mgba3a4f16a (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec t;&Ugrave;&#134;., Iran) TLD server.\n\n - Updated the .pe TLD server, this time for real.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.14\n\n - Added the .sx TLD server.\n\n - Updated the .pe TLD server.\n\n - includes changes from 5.0.13\n\n - Updated the .hr TLD server.\n\n - Improved the package description\n\n - Updated the FSF address in licenses.\n\n - includes changes from 5.0.12\n\n - Recursion disabled when the query string contains spaces, because probably the query format will not be compatible with the referral server (e.g. whois to rwhois or ARIN to RIPE).\n\n - Add the '+' flag by default to queries to whois.arin.net if the argument looks like an IP address. Also add the 'a' and 'n' flags. No thanks to ARIN for breaking every whois client.\n\n - Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua, .pp.ua, .qa, .xn--3e0b707e (.&iacute;&#149;&#156;&ecirc;&micro;&shy;, Korea), .xn--45brj9c (.&agrave;&brvbar;&shy;&agrave;&brvbar;&frac34;&agrave;& brvbar;&deg;&agrave;&brvbar;&curren;, India, Bengali), .xn--90a3ac (.&ETH;&iexcl;&ETH;&nbsp;&ETH;&#145;, Serbia), .xn--clchc0ea0b2g2a9gcd (.&agrave;&reg;&#154;&agrave;&reg;&iquest;&agrave;&reg;& #153;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&reg ;&ordf;&agrave;&macr;&#141;&agrave;&reg;&ordf;&agrave;&m acr;&#130;&agrave;&reg;&deg;&agrave;&macr;&#141;, Singapore, Tamil), .xn--fpcrj9c3d (.&agrave;&deg;&shy;&agrave;&deg;&frac34;&agrave;&deg;&d eg;&agrave;&deg;&curren;&agrave;&plusmn;&#141;, India, Telugu), .xn--fzc2c9e2c (.&agrave;&para;&frac12;&agrave;&para;&#130;&agrave;&par a;&#154;&agrave;&middot;&#143;, Sri Lanka, Sinhala), .xn--gecrj9c (.&agrave;&ordf;&shy;&agrave;&ordf;&frac34;&agrave;&ordf ;&deg;&agrave;&ordf;&curren;, India, Gujarati), .xn--h2brj9c (.&agrave;&curren;&shy;&agrave;&curren;&frac34;&agrave;& curren;&deg;&agrave;&curren;&curren;, India, Hindi), .xn--lgbbat1ad8j (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&not;&Oslash;&sup2 ;&Oslash;&sect;&Oslash;&brvbar;&Oslash;&plusmn;, Algeria), .xn--mgbayh7gpa (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sect;&Oslash;&plu smn;&Oslash;&macr;&Ugrave;&#134;, Jordan), .xn--mgbbh1a71e (.&Oslash;&uml;&Uacute;&frac34;&Oslash;&sect;&Oslash;&pl usmn;&Oslash;&ordf;, India, Urdu), .xn--mgbc0a9azcg (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord m;&Oslash;&plusmn;&Oslash;&uml;, Morocco), .xn--ogbpf8fl (.&Oslash;&sup3;&Ugrave;&#136;&Oslash;&plusmn;&Ugrave;&# 138;&Oslash;&copy;, Syria), .xn--s9brj9c (.&agrave;&uml;&shy;&agrave;&uml;&frac34;&agrave;&uml;&d eg;&agrave;&uml;&curren;, India, Punjabi), .xn--xkc2al3hye2a (.&agrave;&reg;&#135;&agrave;&reg;&sup2;&agrave;&reg;&#1 53;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&macr;\n &#136;, Sri Lanka, Tamil), .xn--wgbl6a (.&Ugrave;&#130;&Oslash;&middot;&Oslash;&plusmn;, Qatar), .xn--xkc2dl3a5ee0h (.&agrave;&reg;&#135;&agrave;&reg;&uml;&agrave;&macr;&#1 41;&agrave;&reg;&curren;&agrave;&reg;&iquest;&agrave;&re g;&macr;&agrave;&reg;&frac34;, India, Tamil), .xn--yfro4i67o (.&aelig;&#150;&deg;&aring;&#138;&nbsp;&aring;&#157;&iex cl;, Singapore, Chinese) and .xxx TLD servers. (Closes:\n #642424),\n\n - Added the .priv.at pseudo-SLD server.\n\n - Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv, .ua and .xn--p1ai TLD servers. (Closes: #590425, #634830, #627478)\n\n - Added a new ASN allocation.\n\n - Fixed a typo and -t syntax in whois(1). (Closes:\n #614973, #632588)\n\n - Made whois return an error in some cases, code contributed by David Souther.\n\n - Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to support SuSE, which has it builtin in the libc. Added untested support for Solaris' crypt_gensalt(3). This and the following changes have been contributed by Ludwig Nussel of SuSE.\n\n - mkpasswd: stop rejecting non-ASCII characters.\n\n - mkpasswd: added support for the 2y algorithm, which fixes CVE-2011-2483.\n\n - mkpasswd: raised the number of rounds for 2a/2y from 4 to 5, which is the current default.\n\n - mkpasswd: removed support for 2 and (SHA), which actually are not supported by FreeBSD and libxcrypt.\n\n - packaging changes\n\n - removed patches accepted upstream:\n whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-pre fix.diff whois-5.0.11-mkpasswd-support-8bit-characters.diff whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfis h-tag-CVE-2011-2483.diff whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.d iff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff\n\n - removed patches no longer required:\n whois-5.0.11-mkpasswd-fix-compiler-warnings.diff\n\n - updated patches: whois-4.7.33-nb.patch to whois-5.0.25-nb.patch\n\n - verify source signatures\n\n - crypt_gensalt moved to separate library libowcrypt (fate#314945)\n\n - update to 5.0.26 [bnc#848594]\n\n - Added the .cf TLD server.\n\n - Updated the .bi TLD server.\n\n - Added a new ASN allocation.\n\n - includes changes from 5.0.25\n\n - Added the .ax, .bn, .iq, .pw and .rw TLD servers.\n\n - Updated one or more translations.\n\n - includes updates changes 5.0.24 :\n\n - Merged documentation fixes and the whois.conf(5) man page\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.23\n\n - whois.nic.or.kr switched from EUC-KR to UTF-8.\n\n - includes changes from 5.0.22\n\n - Fixed cross-compiling\n\n - includes changes from 5.0.21\n\n - Fixed parsing of 6to4 addresses\n\n - Added the .xn--j1amh (.&Ntilde;&#131;&ETH;&ordm;&Ntilde;&#128;, Ukraine) TLD server.\n\n - Updated the .bi, .se and .vn TLD servers.\n\n - Removed whois.pandi.or.id from the list of servers which support the RIPE extensions, since it does not anymore and queries are broken.\n\n - Updated some disclaimer suppression strings.\n\n - Respect DEB_HOST_GNU_TYPE when selecting CC for cross-compiling.\n\n - includes changes form 5.0.20\n\n - Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD servers.\n\n - Added the .bw, .td, .xn--mgb9awbf (&Oslash;&sup1;&Ugrave;&#133;&Oslash;&sect;&Ugrave;&#134 ;., Oman), .xn--mgberp4a5d4ar (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop y;, Saudi Arabia) and .xn--mgbx4cd0ab (&iuml;&raquo;&cent;&iuml;&raquo;&nbsp;&iuml;&raquo;&acu te;&iuml;&ordm;&acute;&iuml;&raquo;&sup3;&iuml;&ordm;&#1 41;., Malaysia) TLD servers.\n\n - Removed the .kp, .mc, .rw and .xn--mgba3a4f16a (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec t;&Ugrave;&#134;., Iran) TLD servers.\n\n - includes changes from 5.0.19\n\n - Added the .post TLD server.\n\n - Updated the .co.za SLD servers.\n\n - Added the .alt.za, .net.za and .web.za SLD servers.\n\n - whois.ua changed (?) the encoding to utf-8.\n\n - Fixed the parsing of 6to4 addresses like whois 2002:xxxx::.\n\n - includes changes from 5.0.18\n\n - Updated the .ae and .xn--mgbaam7a8h (.&Oslash;&sect;&Ugrave;&#133;&Oslash;&sect;&Oslash;&plu smn;&Oslash;&sect;&Oslash;&ordf;, United Arabs Emirates) TLDs.\n\n - Updated the server charset table for .fr and .it.\n\n - includes changes from whois 5.0.17\n\n - Updated the .bi, .fo, .gr and .gt TLD servers.\n\n - Removed support for recursion of .org queries, it has been a thick registry since 2005.\n\n - includes changes from 5.0.16\n\n - Added the .xn--80ao21a (.&Ograve;&#154;&ETH;&#144;&ETH;&#151;, Kazakhstan) TLD server.\n\n - Updated the .ec and .ee TLD servers.\n\n - Removed the .xn--mgbc0a9azcg (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord m;&Oslash;&plusmn;&Oslash;&uml;, Morocco) and .xn--mgberp4a5d4ar (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop y;, Saudi Arabia) TLD servers.\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.15\n\n - Added the .xn--mgba3a4f16a (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec t;&Ugrave;&#134;., Iran) TLD server.\n\n - Updated the .pe TLD server, this time for real.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.14\n\n - Added the .sx TLD server.\n\n - Updated the .pe TLD server.\n\n - includes changes from 5.0.13\n\n - Updated the .hr TLD server.\n\n - Improved the package description\n\n - Updated the FSF address in licenses.\n\n - includes changes from 5.0.12\n\n - Recursion disabled when the query string contains spaces, because probably the query format will not be compatible with the referral server (e.g. whois to rwhois or ARIN to RIPE).\n\n - Add the '+' flag by default to queries to whois.arin.net if the argument looks like an IP address. Also add the 'a' and 'n' flags. No thanks to ARIN for breaking every whois client.\n\n - Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua, .pp.ua, .qa, .xn--3e0b707e (.&iacute;&#149;&#156;&ecirc;&micro;&shy;, Korea), .xn--45brj9c (.&agrave;&brvbar;&shy;&agrave;&brvbar;&frac34;&agrave;& brvbar;&deg;&agrave;&brvbar;&curren;, India, Bengali), .xn--90a3ac (.&ETH;&iexcl;&ETH;&nbsp;&ETH;&#145;, Serbia), .xn--clchc0ea0b2g2a9gcd (.&agrave;&reg;&#154;&agrave;&reg;&iquest;&agrave;&reg;& #153;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&reg ;&ordf;&agrave;&macr;&#141;&agrave;&reg;&ordf;&agrave;&m acr;&#130;&agrave;&reg;&deg;&agrave;&macr;&#141;, Singapore, Tamil), .xn--fpcrj9c3d (.&agrave;&deg;&shy;&agrave;&deg;&frac34;&agrave;&deg;&d eg;&agrave;&deg;&curren;&agrave;&plusmn;&#141;, India, Telugu), .xn--fzc2c9e2c (.&agrave;&para;&frac12;&agrave;&para;&#130;&agrave;&par a;&#154;&agrave;&middot;&#143;, Sri Lanka, Sinhala), .xn--gecrj9c (.&agrave;&ordf;&shy;&agrave;&ordf;&frac34;&agrave;&ordf ;&deg;&agrave;&ordf;&curren;, India, Gujarati), .xn--h2brj9c (.&agrave;&curren;&shy;&agrave;&curren;&frac34;&agrave;& curren;&deg;&agrave;&curren;&curren;, India, Hindi), .xn--lgbbat1ad8j (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&not;&Oslash;&sup2 ;&Oslash;&sect;&Oslash;&brvbar;&Oslash;&plusmn;, Algeria), .xn--mgbayh7gpa (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sect;&Oslash;&plu smn;&Oslash;&macr;&Ugrave;&#134;, Jordan), .xn--mgbbh1a71e (.&Oslash;&uml;&Uacute;&frac34;&Oslash;&sect;&Oslash;&pl usmn;&Oslash;&ordf;, India, Urdu), .xn--mgbc0a9azcg (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord m;&Oslash;&plusmn;&Oslash;&uml;, Morocco), .xn--ogbpf8fl (.&Oslash;&sup3;&Ugrave;&#136;&Oslash;&plusmn;&Ugrave;&# 138;&Oslash;&copy;, Syria), .xn--s9brj9c (.&agrave;&uml;&shy;&agrave;&uml;&frac34;&agrave;&uml;&d eg;&agrave;&uml;&curren;, India, Punjabi), .xn--xkc2al3hye2a (.&agrave;&reg;&#135;&agrave;&reg;&sup2;&agrave;&reg;&#1 53;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&macr;\n &#136;, Sri Lanka, Tamil), .xn--wgbl6a (.&Ugrave;&#130;&Oslash;&middot;&Oslash;&plusmn;, Qatar), .xn--xkc2dl3a5ee0h (.&agrave;&reg;&#135;&agrave;&reg;&uml;&agrave;&macr;&#1 41;&agrave;&reg;&curren;&agrave;&reg;&iquest;&agrave;&re g;&macr;&agrave;&reg;&frac34;, India, Tamil), .xn--yfro4i67o (.&aelig;&#150;&deg;&aring;&#138;&nbsp;&aring;&#157;&iex cl;, Singapore, Chinese) and .xxx TLD servers. (Closes:\n #642424),\n\n - Added the .priv.at pseudo-SLD server.\n\n - Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv, .ua and .xn--p1ai TLD servers. (Closes: #590425, #634830, #627478)\n\n - Added a new ASN allocation.\n\n - Fixed a typo and -t syntax in whois(1). (Closes:\n #614973, #632588)\n\n - Made whois return an error in some cases, code contributed by David Souther.\n\n - Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to support SuSE, which has it builtin in the libc. Added untested support for Solaris' crypt_gensalt(3). This and the following changes have been contributed by Ludwig Nussel of SuSE.\n\n - mkpasswd: stop rejecting non-ASCII characters.\n\n - mkpasswd: added support for the 2y algorithm, which fixes CVE-2011-2483.\n\n - mkpasswd: raised the number of rounds for 2a/2y from 4 to 5, which is the current default.\n\n - mkpasswd: removed support for 2 and (SHA), which actually are not supported by FreeBSD and libxcrypt.\n\n - packaging changes\n\n - removed patches accepted upstream:\n whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-pre fix.diff whois-5.0.11-mkpasswd-support-8bit-characters.diff whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfis h-tag-CVE-2011-2483.diff whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.d iff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff\n\n - removed patches no longer required:\n whois-5.0.11-mkpasswd-fix-compiler-warnings.diff\n\n - updated patches: whois-4.7.33-nb.patch to whois-5.0.25-nb.patch\n\n - verify source signatures\n\n - crypt_gensalt moved to separate library libowcrypt (fate#314945)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : whois (openSUSE-SU-2013:1670-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:whois", "p-cpe:/a:novell:opensuse:whois-debuginfo", "p-cpe:/a:novell:opensuse:whois-debugsource", "cpe:/o:novell:opensuse:12.2", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-849.NASL", "href": "https://www.tenable.com/plugins/nessus/75198", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-849.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75198);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : whois (openSUSE-SU-2013:1670-1)\");\n script_summary(english:\"Check for the openSUSE-2013-849 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\" - update to 5.0.26 [bnc#848594]\n\n - Added the .cf TLD server.\n\n - Updated the .bi TLD server.\n\n - Added a new ASN allocation.\n\n - includes changes from 5.0.25\n\n - Added the .ax, .bn, .iq, .pw and .rw TLD servers.\n\n - Updated one or more translations.\n\n - includes updates changes 5.0.24 :\n\n - Merged documentation fixes and the whois.conf(5) man\n page\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.23\n\n - whois.nic.or.kr switched from EUC-KR to UTF-8.\n\n - includes changes from 5.0.22\n\n - Fixed cross-compiling\n\n - includes changes from 5.0.21\n\n - Fixed parsing of 6to4 addresses\n\n - Added the .xn--j1amh\n (.&Ntilde;&#131;&ETH;&ordm;&Ntilde;&#128;, Ukraine) TLD\n server.\n\n - Updated the .bi, .se and .vn TLD servers.\n\n - Removed whois.pandi.or.id from the list of servers which\n support the RIPE extensions, since it does not anymore\n and queries are broken.\n\n - Updated some disclaimer suppression strings.\n\n - Respect DEB_HOST_GNU_TYPE when selecting CC for\n cross-compiling.\n\n - includes changes form 5.0.20\n\n - Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD\n servers.\n\n - Added the .bw, .td, .xn--mgb9awbf\n (&Oslash;&sup1;&Ugrave;&#133;&Oslash;&sect;&Ugrave;&#134\n ;., Oman), .xn--mgberp4a5d4ar\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup\n 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop\n y;, Saudi Arabia) and .xn--mgbx4cd0ab\n (&iuml;&raquo;&cent;&iuml;&raquo;&nbsp;&iuml;&raquo;&acu\n te;&iuml;&ordm;&acute;&iuml;&raquo;&sup3;&iuml;&ordm;&#1\n 41;., Malaysia) TLD servers.\n\n - Removed the .kp, .mc, .rw and .xn--mgba3a4f16a\n (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec\n t;&Ugrave;&#134;., Iran) TLD servers.\n\n - includes changes from 5.0.19\n\n - Added the .post TLD server.\n\n - Updated the .co.za SLD servers.\n\n - Added the .alt.za, .net.za and .web.za SLD servers.\n\n - whois.ua changed (?) the encoding to utf-8.\n\n - Fixed the parsing of 6to4 addresses like whois\n 2002:xxxx::.\n\n - includes changes from 5.0.18\n\n - Updated the .ae and .xn--mgbaam7a8h\n (.&Oslash;&sect;&Ugrave;&#133;&Oslash;&sect;&Oslash;&plu\n smn;&Oslash;&sect;&Oslash;&ordf;, United Arabs Emirates)\n TLDs.\n\n - Updated the server charset table for .fr and .it.\n\n - includes changes from whois 5.0.17\n\n - Updated the .bi, .fo, .gr and .gt TLD servers.\n\n - Removed support for recursion of .org queries, it has\n been a thick registry since 2005.\n\n - includes changes from 5.0.16\n\n - Added the .xn--80ao21a\n (.&Ograve;&#154;&ETH;&#144;&ETH;&#151;, Kazakhstan) TLD\n server.\n\n - Updated the .ec and .ee TLD servers.\n\n - Removed the .xn--mgbc0a9azcg\n (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord\n m;&Oslash;&plusmn;&Oslash;&uml;, Morocco) and\n .xn--mgberp4a5d4ar\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup\n 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop\n y;, Saudi Arabia) TLD servers.\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.15\n\n - Added the .xn--mgba3a4f16a\n (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec\n t;&Ugrave;&#134;., Iran) TLD server.\n\n - Updated the .pe TLD server, this time for real.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.14\n\n - Added the .sx TLD server.\n\n - Updated the .pe TLD server.\n\n - includes changes from 5.0.13\n\n - Updated the .hr TLD server.\n\n - Improved the package description\n\n - Updated the FSF address in licenses.\n\n - includes changes from 5.0.12\n\n - Recursion disabled when the query string contains\n spaces, because probably the query format will not be\n compatible with the referral server (e.g. whois to\n rwhois or ARIN to RIPE).\n\n - Add the '+' flag by default to queries to whois.arin.net\n if the argument looks like an IP address. Also add the\n 'a' and 'n' flags. No thanks to ARIN for breaking every\n whois client.\n\n - Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua,\n .pp.ua, .qa, .xn--3e0b707e\n (.&iacute;&#149;&#156;&ecirc;&micro;&shy;, Korea),\n .xn--45brj9c\n (.&agrave;&brvbar;&shy;&agrave;&brvbar;&frac34;&agrave;&\n brvbar;&deg;&agrave;&brvbar;&curren;, India, Bengali),\n .xn--90a3ac (.&ETH;&iexcl;&ETH;&nbsp;&ETH;&#145;,\n Serbia), .xn--clchc0ea0b2g2a9gcd\n (.&agrave;&reg;&#154;&agrave;&reg;&iquest;&agrave;&reg;&\n #153;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&reg\n ;&ordf;&agrave;&macr;&#141;&agrave;&reg;&ordf;&agrave;&m\n acr;&#130;&agrave;&reg;&deg;&agrave;&macr;&#141;,\n Singapore, Tamil), .xn--fpcrj9c3d\n (.&agrave;&deg;&shy;&agrave;&deg;&frac34;&agrave;&deg;&d\n eg;&agrave;&deg;&curren;&agrave;&plusmn;&#141;, India,\n Telugu), .xn--fzc2c9e2c\n (.&agrave;&para;&frac12;&agrave;&para;&#130;&agrave;&par\n a;&#154;&agrave;&middot;&#143;, Sri Lanka, Sinhala),\n .xn--gecrj9c\n (.&agrave;&ordf;&shy;&agrave;&ordf;&frac34;&agrave;&ordf\n ;&deg;&agrave;&ordf;&curren;, India, Gujarati),\n .xn--h2brj9c\n (.&agrave;&curren;&shy;&agrave;&curren;&frac34;&agrave;&\n curren;&deg;&agrave;&curren;&curren;, India, Hindi),\n .xn--lgbbat1ad8j\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&not;&Oslash;&sup2\n ;&Oslash;&sect;&Oslash;&brvbar;&Oslash;&plusmn;,\n Algeria), .xn--mgbayh7gpa\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sect;&Oslash;&plu\n smn;&Oslash;&macr;&Ugrave;&#134;, Jordan),\n .xn--mgbbh1a71e\n (.&Oslash;&uml;&Uacute;&frac34;&Oslash;&sect;&Oslash;&pl\n usmn;&Oslash;&ordf;, India, Urdu), .xn--mgbc0a9azcg\n (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord\n m;&Oslash;&plusmn;&Oslash;&uml;, Morocco), .xn--ogbpf8fl\n (.&Oslash;&sup3;&Ugrave;&#136;&Oslash;&plusmn;&Ugrave;&#\n 138;&Oslash;&copy;, Syria), .xn--s9brj9c\n (.&agrave;&uml;&shy;&agrave;&uml;&frac34;&agrave;&uml;&d\n eg;&agrave;&uml;&curren;, India, Punjabi),\n .xn--xkc2al3hye2a\n (.&agrave;&reg;&#135;&agrave;&reg;&sup2;&agrave;&reg;&#1\n 53;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&macr;\n &#136;, Sri Lanka, Tamil), .xn--wgbl6a\n (.&Ugrave;&#130;&Oslash;&middot;&Oslash;&plusmn;,\n Qatar), .xn--xkc2dl3a5ee0h\n (.&agrave;&reg;&#135;&agrave;&reg;&uml;&agrave;&macr;&#1\n 41;&agrave;&reg;&curren;&agrave;&reg;&iquest;&agrave;&re\n g;&macr;&agrave;&reg;&frac34;, India, Tamil),\n .xn--yfro4i67o\n (.&aelig;&#150;&deg;&aring;&#138;&nbsp;&aring;&#157;&iex\n cl;, Singapore, Chinese) and .xxx TLD servers. (Closes:\n #642424),\n\n - Added the .priv.at pseudo-SLD server.\n\n - Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv,\n .ua and .xn--p1ai TLD servers. (Closes: #590425,\n #634830, #627478)\n\n - Added a new ASN allocation.\n\n - Fixed a typo and -t syntax in whois(1). (Closes:\n #614973, #632588)\n\n - Made whois return an error in some cases, code\n contributed by David Souther.\n\n - Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to\n support SuSE, which has it builtin in the libc. Added\n untested support for Solaris' crypt_gensalt(3). This and\n the following changes have been contributed by Ludwig\n Nussel of SuSE.\n\n - mkpasswd: stop rejecting non-ASCII characters.\n\n - mkpasswd: added support for the 2y algorithm, which\n fixes CVE-2011-2483.\n\n - mkpasswd: raised the number of rounds for 2a/2y from 4\n to 5, which is the current default.\n\n - mkpasswd: removed support for 2 and (SHA), which\n actually are not supported by FreeBSD and libxcrypt.\n\n - packaging changes\n\n - removed patches accepted upstream:\n whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff\n whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-pre\n fix.diff\n whois-5.0.11-mkpasswd-support-8bit-characters.diff\n whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfis\n h-tag-CVE-2011-2483.diff\n whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.d\n iff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff\n\n - removed patches no longer required:\n whois-5.0.11-mkpasswd-fix-compiler-warnings.diff\n\n - updated patches: whois-4.7.33-nb.patch to\n whois-5.0.25-nb.patch\n\n - verify source signatures\n\n - crypt_gensalt moved to separate library libowcrypt\n (fate#314945)\n\n - update to 5.0.26 [bnc#848594]\n\n - Added the .cf TLD server.\n\n - Updated the .bi TLD server.\n\n - Added a new ASN allocation.\n\n - includes changes from 5.0.25\n\n - Added the .ax, .bn, .iq, .pw and .rw TLD servers.\n\n - Updated one or more translations.\n\n - includes updates changes 5.0.24 :\n\n - Merged documentation fixes and the whois.conf(5) man\n page\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.23\n\n - whois.nic.or.kr switched from EUC-KR to UTF-8.\n\n - includes changes from 5.0.22\n\n - Fixed cross-compiling\n\n - includes changes from 5.0.21\n\n - Fixed parsing of 6to4 addresses\n\n - Added the .xn--j1amh\n (.&Ntilde;&#131;&ETH;&ordm;&Ntilde;&#128;, Ukraine) TLD\n server.\n\n - Updated the .bi, .se and .vn TLD servers.\n\n - Removed whois.pandi.or.id from the list of servers which\n support the RIPE extensions, since it does not anymore\n and queries are broken.\n\n - Updated some disclaimer suppression strings.\n\n - Respect DEB_HOST_GNU_TYPE when selecting CC for\n cross-compiling.\n\n - includes changes form 5.0.20\n\n - Updated the .by, .ng, .om, .sm, .tn, .ug and .vn TLD\n servers.\n\n - Added the .bw, .td, .xn--mgb9awbf\n (&Oslash;&sup1;&Ugrave;&#133;&Oslash;&sect;&Ugrave;&#134\n ;., Oman), .xn--mgberp4a5d4ar\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup\n 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop\n y;, Saudi Arabia) and .xn--mgbx4cd0ab\n (&iuml;&raquo;&cent;&iuml;&raquo;&nbsp;&iuml;&raquo;&acu\n te;&iuml;&ordm;&acute;&iuml;&raquo;&sup3;&iuml;&ordm;&#1\n 41;., Malaysia) TLD servers.\n\n - Removed the .kp, .mc, .rw and .xn--mgba3a4f16a\n (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec\n t;&Ugrave;&#134;., Iran) TLD servers.\n\n - includes changes from 5.0.19\n\n - Added the .post TLD server.\n\n - Updated the .co.za SLD servers.\n\n - Added the .alt.za, .net.za and .web.za SLD servers.\n\n - whois.ua changed (?) the encoding to utf-8.\n\n - Fixed the parsing of 6to4 addresses like whois\n 2002:xxxx::.\n\n - includes changes from 5.0.18\n\n - Updated the .ae and .xn--mgbaam7a8h\n (.&Oslash;&sect;&Ugrave;&#133;&Oslash;&sect;&Oslash;&plu\n smn;&Oslash;&sect;&Oslash;&ordf;, United Arabs Emirates)\n TLDs.\n\n - Updated the server charset table for .fr and .it.\n\n - includes changes from whois 5.0.17\n\n - Updated the .bi, .fo, .gr and .gt TLD servers.\n\n - Removed support for recursion of .org queries, it has\n been a thick registry since 2005.\n\n - includes changes from 5.0.16\n\n - Added the .xn--80ao21a\n (.&Ograve;&#154;&ETH;&#144;&ETH;&#151;, Kazakhstan) TLD\n server.\n\n - Updated the .ec and .ee TLD servers.\n\n - Removed the .xn--mgbc0a9azcg\n (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord\n m;&Oslash;&plusmn;&Oslash;&uml;, Morocco) and\n .xn--mgberp4a5d4ar\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sup3;&Oslash;&sup\n 1;&Ugrave;&#136;&Oslash;&macr;&Ugrave;&#138;&Oslash;&cop\n y;, Saudi Arabia) TLD servers.\n\n - Added a new ASN allocation.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.15\n\n - Added the .xn--mgba3a4f16a\n (&Oslash;&sect;&Ucirc;&#140;&Oslash;&plusmn;&Oslash;&sec\n t;&Ugrave;&#134;., Iran) TLD server.\n\n - Updated the .pe TLD server, this time for real.\n\n - Updated one or more translations.\n\n - includes changes from 5.0.14\n\n - Added the .sx TLD server.\n\n - Updated the .pe TLD server.\n\n - includes changes from 5.0.13\n\n - Updated the .hr TLD server.\n\n - Improved the package description\n\n - Updated the FSF address in licenses.\n\n - includes changes from 5.0.12\n\n - Recursion disabled when the query string contains\n spaces, because probably the query format will not be\n compatible with the referral server (e.g. whois to\n rwhois or ARIN to RIPE).\n\n - Add the '+' flag by default to queries to whois.arin.net\n if the argument looks like an IP address. Also add the\n 'a' and 'n' flags. No thanks to ARIN for breaking every\n whois client.\n\n - Added the .cv, .lk, .mq, .sy, .so, .biz.ua, .co.ua,\n .pp.ua, .qa, .xn--3e0b707e\n (.&iacute;&#149;&#156;&ecirc;&micro;&shy;, Korea),\n .xn--45brj9c\n (.&agrave;&brvbar;&shy;&agrave;&brvbar;&frac34;&agrave;&\n brvbar;&deg;&agrave;&brvbar;&curren;, India, Bengali),\n .xn--90a3ac (.&ETH;&iexcl;&ETH;&nbsp;&ETH;&#145;,\n Serbia), .xn--clchc0ea0b2g2a9gcd\n (.&agrave;&reg;&#154;&agrave;&reg;&iquest;&agrave;&reg;&\n #153;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&reg\n ;&ordf;&agrave;&macr;&#141;&agrave;&reg;&ordf;&agrave;&m\n acr;&#130;&agrave;&reg;&deg;&agrave;&macr;&#141;,\n Singapore, Tamil), .xn--fpcrj9c3d\n (.&agrave;&deg;&shy;&agrave;&deg;&frac34;&agrave;&deg;&d\n eg;&agrave;&deg;&curren;&agrave;&plusmn;&#141;, India,\n Telugu), .xn--fzc2c9e2c\n (.&agrave;&para;&frac12;&agrave;&para;&#130;&agrave;&par\n a;&#154;&agrave;&middot;&#143;, Sri Lanka, Sinhala),\n .xn--gecrj9c\n (.&agrave;&ordf;&shy;&agrave;&ordf;&frac34;&agrave;&ordf\n ;&deg;&agrave;&ordf;&curren;, India, Gujarati),\n .xn--h2brj9c\n (.&agrave;&curren;&shy;&agrave;&curren;&frac34;&agrave;&\n curren;&deg;&agrave;&curren;&curren;, India, Hindi),\n .xn--lgbbat1ad8j\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&not;&Oslash;&sup2\n ;&Oslash;&sect;&Oslash;&brvbar;&Oslash;&plusmn;,\n Algeria), .xn--mgbayh7gpa\n (.&Oslash;&sect;&Ugrave;&#132;&Oslash;&sect;&Oslash;&plu\n smn;&Oslash;&macr;&Ugrave;&#134;, Jordan),\n .xn--mgbbh1a71e\n (.&Oslash;&uml;&Uacute;&frac34;&Oslash;&sect;&Oslash;&pl\n usmn;&Oslash;&ordf;, India, Urdu), .xn--mgbc0a9azcg\n (.&Oslash;&sect;&Ugrave;&#132;&Ugrave;&#133;&Oslash;&ord\n m;&Oslash;&plusmn;&Oslash;&uml;, Morocco), .xn--ogbpf8fl\n (.&Oslash;&sup3;&Ugrave;&#136;&Oslash;&plusmn;&Ugrave;&#\n 138;&Oslash;&copy;, Syria), .xn--s9brj9c\n (.&agrave;&uml;&shy;&agrave;&uml;&frac34;&agrave;&uml;&d\n eg;&agrave;&uml;&curren;, India, Punjabi),\n .xn--xkc2al3hye2a\n (.&agrave;&reg;&#135;&agrave;&reg;&sup2;&agrave;&reg;&#1\n 53;&agrave;&macr;&#141;&agrave;&reg;&#149;&agrave;&macr;\n &#136;, Sri Lanka, Tamil), .xn--wgbl6a\n (.&Ugrave;&#130;&Oslash;&middot;&Oslash;&plusmn;,\n Qatar), .xn--xkc2dl3a5ee0h\n (.&agrave;&reg;&#135;&agrave;&reg;&uml;&agrave;&macr;&#1\n 41;&agrave;&reg;&curren;&agrave;&reg;&iquest;&agrave;&re\n g;&macr;&agrave;&reg;&frac34;, India, Tamil),\n .xn--yfro4i67o\n (.&aelig;&#150;&deg;&aring;&#138;&nbsp;&aring;&#157;&iex\n cl;, Singapore, Chinese) and .xxx TLD servers. (Closes:\n #642424),\n\n - Added the .priv.at pseudo-SLD server.\n\n - Updated the .co, .gf, .gp, .kr, .li, .rs, .ru, .su, .sv,\n .ua and .xn--p1ai TLD servers. (Closes: #590425,\n #634830, #627478)\n\n - Added a new ASN allocation.\n\n - Fixed a typo and -t syntax in whois(1). (Closes:\n #614973, #632588)\n\n - Made whois return an error in some cases, code\n contributed by David Souther.\n\n - Split HAVE_LINUX_CRYPT_GENSALT from HAVE_XCRYPT to\n support SuSE, which has it builtin in the libc. Added\n untested support for Solaris' crypt_gensalt(3). This and\n the following changes have been contributed by Ludwig\n Nussel of SuSE.\n\n - mkpasswd: stop rejecting non-ASCII characters.\n\n - mkpasswd: added support for the 2y algorithm, which\n fixes CVE-2011-2483.\n\n - mkpasswd: raised the number of rounds for 2a/2y from 4\n to 5, which is the current default.\n\n - mkpasswd: removed support for 2 and (SHA), which\n actually are not supported by FreeBSD and libxcrypt.\n\n - packaging changes\n\n - removed patches accepted upstream:\n whois-5.0.11-mkpasswd-support-Owl-patched-libcrypt.diff\n whois-5.0.11-mkpasswd-crypt_gensalt-might-change-the-pre\n fix.diff\n whois-5.0.11-mkpasswd-support-8bit-characters.diff\n whois-5.0.11-mkpasswd-add-support-for-the-new-2y-blowfis\n h-tag-CVE-2011-2483.diff\n whois-5.0.11-mkpasswd-set-default-blowfish-rounds-to-5.d\n iff whois-5.0.11-mkpasswd-remove-obsolete-settings.diff\n\n - removed patches no longer required:\n whois-5.0.11-mkpasswd-fix-compiler-warnings.diff\n\n - updated patches: whois-4.7.33-nb.patch to\n whois-5.0.25-nb.patch\n\n - verify source signatures\n\n - crypt_gensalt moved to separate library libowcrypt\n (fate#314945)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=848594\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-11/msg00025.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected whois packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:whois\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:whois-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:whois-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.2\", reference:\"whois-5.0.26-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"whois-debuginfo-5.0.26-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"whois-debugsource-5.0.26-10.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"whois-5.0.26-12.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"whois-debuginfo-5.0.26-12.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"whois-debugsource-5.0.26-12.4.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"whois / whois-debuginfo / whois-debugsource\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:11:08", "description": "The crypt(3) manpage was updated to also list the 2y prefix.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : man-pages (openSUSE-SU-2011:0970-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:man-pages", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_MAN-PAGES-110823.NASL", "href": "https://www.tenable.com/plugins/nessus/75642", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update man-pages-5032.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75642);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : man-pages (openSUSE-SU-2011:0970-1)\");\n script_summary(english:\"Check for the man-pages-5032 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"The crypt(3) manpage was updated to also list the 2y prefix.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=713389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00044.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected man-pages package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:man-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"man-pages-3.25-2.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"man-pages\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:25:32", "description": "A signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : postgresql (ALAS-2011-12)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:postgresql", "p-cpe:/a:amazon:linux:postgresql-contrib", "p-cpe:/a:amazon:linux:postgresql-debuginfo", "p-cpe:/a:amazon:linux:postgresql-devel", "p-cpe:/a:amazon:linux:postgresql-docs", "p-cpe:/a:amazon:linux:postgresql-libs", "p-cpe:/a:amazon:linux:postgresql-plperl", "p-cpe:/a:amazon:linux:postgresql-plpython", "p-cpe:/a:amazon:linux:postgresql-pltcl", "p-cpe:/a:amazon:linux:postgresql-server", "p-cpe:/a:amazon:linux:postgresql-test", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2011-12.NASL", "href": "https://www.tenable.com/plugins/nessus/69571", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2011-12.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69571);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2018/04/18 15:09:34\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_xref(name:\"ALAS\", value:\"2011-12\");\n script_xref(name:\"RHSA\", value:\"2011:1377\");\n\n script_name(english:\"Amazon Linux AMI : postgresql (ALAS-2011-12)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2011-12.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update postgresql' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-contrib-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-debuginfo-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-devel-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-docs-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-libs-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-plperl-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-plpython-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-pltcl-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-server-8.4.9-1.13.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"postgresql-test-8.4.9-1.13.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:42:20", "description": "It was discovered that the blowfish algorithm in the pgcrypto module incorrectly handled certain 8-bit characters, resulting in the password hashes being easier to crack than expected. An attacker who could obtain the password hashes would be able to recover the plaintext with less effort.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2011-10-14T00:00:00", "type": "nessus", "title": "Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : postgresql-8.3, postgresql-8.4 vulnerability (USN-1229-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2019-09-19T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:8.04:-:lts", "cpe:/o:canonical:ubuntu_linux:10.10", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.04", "p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3", "p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4"], "id": "UBUNTU_USN-1229-1.NASL", "href": "https://www.tenable.com/plugins/nessus/56506", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1229-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(56506);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:27\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"USN\", value:\"1229-1\");\n\n script_name(english:\"Ubuntu 8.04 LTS / 10.04 LTS / 10.10 / 11.04 : postgresql-8.3, postgresql-8.4 vulnerability (USN-1229-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that the blowfish algorithm in the pgcrypto module\nincorrectly handled certain 8-bit characters, resulting in the\npassword hashes being easier to crack than expected. An attacker who\ncould obtain the password hashes would be able to recover the\nplaintext with less effort.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1229-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql-8.3 and / or postgresql-8.4 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:8.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2011-2019 Canonical, Inc. / NASL script (C) 2011-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(8\\.04|10\\.04|10\\.10|11\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 8.04 / 10.04 / 10.10 / 11.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"8.04\", pkgname:\"postgresql-8.3\", pkgver:\"8.3.16-0ubuntu0.8.04\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.9-0ubuntu0.10.04\")) flag++;\nif (ubuntu_check(osver:\"10.10\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.9-0ubuntu0.10.10\")) flag++;\nif (ubuntu_check(osver:\"11.04\", pkgname:\"postgresql-8.4\", pkgver:\"8.4.9-0ubuntu0.11.04\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql-8.3 / postgresql-8.4\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:42:53", "description": "magnum discovered that the blowfish password hashing used amongst others in PostgreSQL contained a weakness that would give passwords with 8 bit characters the same hash as weaker equivalents.", "cvss3": {}, "published": "2011-11-08T00:00:00", "type": "nessus", "title": "Debian DSA-2340-1 : postgresql-8.3, postgresql-8.4, postgresql-9.0 - weak password hashing", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:postgresql-8.3", "p-cpe:/a:debian:debian_linux:postgresql-8.4", "p-cpe:/a:debian:debian_linux:postgresql-9.0", "cpe:/o:debian:debian_linux:5.0", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DSA-2340.NASL", "href": "https://www.tenable.com/plugins/nessus/56730", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2340. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56730);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"DSA\", value:\"2340\");\n\n script_name(english:\"Debian DSA-2340-1 : postgresql-8.3, postgresql-8.4, postgresql-9.0 - weak password hashing\");\n script_summary(english:\"Checks dpkg output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"magnum discovered that the blowfish password hashing used amongst\nothers in PostgreSQL contained a weakness that would give passwords\nwith 8 bit characters the same hash as weaker equivalents.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631285\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/postgresql-8.4\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2011/dsa-2340\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the postgresql packages.\n\nFor the oldstable distribution (lenny), this problem has been fixed in\npostgresql-8.3 version 8.3.16-0lenny1.\n\nFor the stable distribution (squeeze), this problem has been fixed in\npostgresql-8.4 version 8.4.9-0squeeze1.\n\nThe updates also include reliability improvements, originally\nscheduled for inclusion into the next point release; for details see\nthe respective changelogs.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-8.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:postgresql-9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:5.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/11/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"5.0\", prefix:\"postgresql-8.3\", reference:\"8.3.16-0lenny1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-compat3\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg-dev\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libecpg6\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpgtypes3\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq-dev\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libpq5\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-client-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-contrib-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-doc-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plperl-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-plpython-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-pltcl-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"postgresql-server-dev-8.4\", reference:\"8.4.9-0squeeze1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:12:05", "description": "The crypt(3) manpage was updated to also list the 2y prefix.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : man-pages (openSUSE-SU-2011:0970-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:man-pages", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_MAN-PAGES-110823.NASL", "href": "https://www.tenable.com/plugins/nessus/75943", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update man-pages-5032.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75943);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : man-pages (openSUSE-SU-2011:0970-1)\");\n script_summary(english:\"Check for the man-pages-5032 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\"The crypt(3) manpage was updated to also list the 2y prefix.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=713389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00044.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected man-pages package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:man-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"man-pages-3.32-4.5.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"man-pages\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:11:07", "description": "The security update for CVE-2011-2483 broke changing blowfish passwords if compat mode was turned on (default). This update fixes the regression.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxcrypt (openSUSE-SU-2011:0972-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxcrypt", "p-cpe:/a:novell:opensuse:libxcrypt-32bit", "p-cpe:/a:novell:opensuse:libxcrypt-devel", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_LIBXCRYPT-110824.NASL", "href": "https://www.tenable.com/plugins/nessus/75631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libxcrypt-5049.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75631);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : libxcrypt (openSUSE-SU-2011:0972-1)\");\n script_summary(english:\"Check for the libxcrypt-5049 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The security update for CVE-2011-2483 broke changing blowfish\npasswords if compat mode was turned on (default). This update fixes\nthe regression.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=713727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00045.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libxcrypt-3.0.3-5.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"libxcrypt-devel-3.0.3-5.11.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-5.11.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxcrypt / libxcrypt-32bit / libxcrypt-devel\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:26:56", "description": "Updated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nFor Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Red Hat Enterprise Linux 4 and 5, the updated postgresql packages contain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2011-10-19T00:00:00", "type": "nessus", "title": "CentOS 4 / 5 : postgresql (CESA-2011:1377)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:postgresql", "p-cpe:/a:centos:centos:postgresql-contrib", "p-cpe:/a:centos:centos:postgresql-devel", "p-cpe:/a:centos:centos:postgresql-docs", "p-cpe:/a:centos:centos:postgresql-jdbc", "p-cpe:/a:centos:centos:postgresql-libs", "p-cpe:/a:centos:centos:postgresql-pl", "p-cpe:/a:centos:centos:postgresql-python", "p-cpe:/a:centos:centos:postgresql-server", "p-cpe:/a:centos:centos:postgresql-tcl", "p-cpe:/a:centos:centos:postgresql-test", "cpe:/o:centos:centos:4", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2011-1377.NASL", "href": "https://www.tenable.com/plugins/nessus/56535", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2011:1377 and \n# CentOS Errata and Security Advisory 2011:1377 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56535);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"RHSA\", value:\"2011:1377\");\n\n script_name(english:\"CentOS 4 / 5 : postgresql (CESA-2011:1377)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated postgresql packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nFor Red Hat Enterprise Linux 6, the updated postgresql packages\nupgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release\nNotes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Red Hat Enterprise Linux 4 and 5, the updated postgresql packages\ncontain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018165.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c6786291\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-November/018166.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c47b658f\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018115.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6cd9d35e\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2011-October/018116.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?cedd88ec\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/11/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 4.x / 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-contrib-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-contrib-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-devel-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-devel-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-docs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-docs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-jdbc-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-jdbc-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-libs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-libs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-pl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-pl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-python-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-python-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-server-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-server-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-tcl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-tcl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"postgresql-test-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"postgresql-test-7.4.30-3.el4\")) flag++;\n\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-contrib-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-devel-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-docs-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-libs-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-pl-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-python-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-server-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-tcl-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"postgresql-test-8.1.23-1.el5_7.2\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:25:00", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2011-08-20T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : glibc (ZYPP Patch Number 7659)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_GLIBC-7659.NASL", "href": "https://www.tenable.com/plugins/nessus/55920", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55920);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 10 Security Update : glibc (ZYPP Patch Number 7659)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7659.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-devel-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-html-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-i18ndata-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-info-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-locale-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"glibc-profile-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libxcrypt-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"libxcrypt-devel-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"nscd-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"pam-modules-10-2.17.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"pwdutils-3.0.7.1-17.34.36.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, reference:\"pwdutils-plugin-audit-3.0.7.1-17.34.36.3\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-32bit-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.4-31.77.86.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"libxcrypt-32bit-2.4-12.9.4\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:3, cpu:\"x86_64\", reference:\"pam-modules-32bit-10-2.17.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:24:58", "description": "Manual pages for several kernel and library functions were added. The crypt(3) manual page was updated to also list the 2y prefix.", "cvss3": {}, "published": "2011-08-31T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : man-pages (SAT Patch Number 5064)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:man-pages", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_MAN-PAGES-110825.NASL", "href": "https://www.tenable.com/plugins/nessus/56019", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56019);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 11.1 Security Update : man-pages (SAT Patch Number 5064)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Manual pages for several kernel and library functions were added. The\ncrypt(3) manual page was updated to also list the 2y prefix.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=707484\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=707487\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=713389\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5064.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:man-pages\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"man-pages-3.15-2.14.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"man-pages-3.15-2.14.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"man-pages-3.15-2.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:10:03", "description": "The security update for CVE-2011-2483 broke changing blowfish passwords if compat mode was turned on (default). This update fixes the regression.", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxcrypt (openSUSE-SU-2011:0972-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxcrypt", "p-cpe:/a:novell:opensuse:libxcrypt-32bit", "p-cpe:/a:novell:opensuse:libxcrypt-debuginfo", "p-cpe:/a:novell:opensuse:libxcrypt-debuginfo-32bit", "p-cpe:/a:novell:opensuse:libxcrypt-debugsource", "p-cpe:/a:novell:opensuse:libxcrypt-devel", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_LIBXCRYPT-110824.NASL", "href": "https://www.tenable.com/plugins/nessus/75934", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update libxcrypt-5049.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75934);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : libxcrypt (openSUSE-SU-2011:0972-1)\");\n script_summary(english:\"Check for the libxcrypt-5049 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The security update for CVE-2011-2483 broke changing blowfish\npasswords if compat mode was turned on (default). This update fixes\nthe regression.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=713727\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00045.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxcrypt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-debuginfo-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxcrypt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-3.0.3-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-debuginfo-3.0.3-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-debugsource-3.0.3-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"libxcrypt-devel-3.0.3-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-9.12.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", cpu:\"x86_64\", reference:\"libxcrypt-debuginfo-32bit-3.0.3-9.12.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxcrypt / libxcrypt-32bit / libxcrypt-devel / libxcrypt-debuginfo / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:27:08", "description": "A vulnerability was discovered and corrected in postgresql :\n\ncontrib/pg_crypto's blowfish encryption code could give wrong results on platforms where char is signed (which is most), leading to encrypted passwords being weaker than they should be (CVE-2011-2483).\n\nAdditionally corrected ossp-uuid packages as well as corrected support in postgresql 9.0.x are being provided for Mandriva Linux 2011.\n\nThis update provides a solution to this vulnerability.", "cvss3": {}, "published": "2011-10-25T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : postgresql (MDVSA-2011:161)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64ecpg8.4_6", "p-cpe:/a:mandriva:linux:lib64ecpg9.0_6", "p-cpe:/a:mandriva:linux:lib64ossp-uuid%2b%2b16", "p-cpe:/a:mandriva:linux:lib64ossp-uuid-devel", "p-cpe:/a:mandriva:linux:lib64ossp-uuid16", "p-cpe:/a:mandriva:linux:lib64ossp-uuid_dce16", "p-cpe:/a:mandriva:linux:lib64pq8.4_5", "p-cpe:/a:mandriva:linux:lib64pq9.0_5", "p-cpe:/a:mandriva:linux:libecpg8.4_6", "p-cpe:/a:mandriva:linux:libecpg9.0_6", "p-cpe:/a:mandriva:linux:libossp-uuid%2b%2b16", "p-cpe:/a:mandriva:linux:libossp-uuid-devel", "p-cpe:/a:mandriva:linux:libossp-uuid16", "p-cpe:/a:mandriva:linux:libossp-uuid_dce16", "p-cpe:/a:mandriva:linux:libpq8.4_5", "p-cpe:/a:mandriva:linux:libpq9.0_5", "p-cpe:/a:mandriva:linux:ossp-uuid", "p-cpe:/a:mandriva:linux:perl-ossp-uuid", "p-cpe:/a:mandriva:linux:php-ossp-uuid", "p-cpe:/a:mandriva:linux:postgresql-ossp-uuid", "p-cpe:/a:mandriva:linux:postgresql8.4", "p-cpe:/a:mandriva:linux:postgresql8.4-contrib", "p-cpe:/a:mandriva:linux:postgresql8.4-devel", "p-cpe:/a:mandriva:linux:postgresql8.4-docs", "p-cpe:/a:mandriva:linux:postgresql8.4-pl", "p-cpe:/a:mandriva:linux:postgresql8.4-plperl", "p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql", "p-cpe:/a:mandriva:linux:postgresql8.4-plpython", "p-cpe:/a:mandriva:linux:postgresql8.4-pltcl", "p-cpe:/a:mandriva:linux:postgresql8.4-server", "p-cpe:/a:mandriva:linux:postgresql9.0", "p-cpe:/a:mandriva:linux:postgresql9.0-contrib", "p-cpe:/a:mandriva:linux:postgresql9.0-devel", "p-cpe:/a:mandriva:linux:postgresql9.0-docs", "p-cpe:/a:mandriva:linux:postgresql9.0-pl", "p-cpe:/a:mandriva:linux:postgresql9.0-plperl", "p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql", "p-cpe:/a:mandriva:linux:postgresql9.0-plpython", "p-cpe:/a:mandriva:linux:postgresql9.0-pltcl", "p-cpe:/a:mandriva:linux:postgresql9.0-server", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2011-161.NASL", "href": "https://www.tenable.com/plugins/nessus/56627", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2011:161. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56627);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"MDVSA\", value:\"2011:161\");\n\n script_name(english:\"Mandriva Linux Security Advisory : postgresql (MDVSA-2011:161)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A vulnerability was discovered and corrected in postgresql :\n\ncontrib/pg_crypto's blowfish encryption code could give wrong results\non platforms where char is signed (which is most), leading to\nencrypted passwords being weaker than they should be (CVE-2011-2483).\n\nAdditionally corrected ossp-uuid packages as well as corrected support\nin postgresql 9.0.x are being provided for Mandriva Linux 2011.\n\nThis update provides a solution to this vulnerability.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.3/release-8-3-15.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.3/release-8-3-16.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release-8-4-8.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release-8-4-9.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-5.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/support/security/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ossp-uuid++16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ossp-uuid-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ossp-uuid16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ossp-uuid_dce16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libossp-uuid++16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libossp-uuid-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libossp-uuid16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libossp-uuid_dce16\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ossp-uuid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:perl-OSSP-uuid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:php-OSSP-uuid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql-OSSP-uuid\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/10/25\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64ecpg8.4_6-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pq8.4_5-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libecpg8.4_6-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpq8.4_5-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-contrib-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-devel-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-docs-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pl-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plperl-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpgsql-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpython-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pltcl-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-server-8.4.9-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ecpg9.0_6-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ossp-uuid++16-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ossp-uuid-devel-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ossp-uuid16-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ossp-uuid_dce16-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64pq9.0_5-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libecpg9.0_6-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libossp-uuid++16-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libossp-uuid-devel-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libossp-uuid16-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libossp-uuid_dce16-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpq9.0_5-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"ossp-uuid-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"perl-OSSP-uuid-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"php-OSSP-uuid-1.6.2-8.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql-OSSP-uuid-1.6.2-5.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-contrib-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-devel-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-docs-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pl-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plperl-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpgsql-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpython-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pltcl-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-server-9.0.5-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:11:08", "description": "This update contains yast2 core changes to change the hash generation of new passwords to the new secure style.\n\nPlease read the general notes below :\n\nThe implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : yast2-core (openSUSE-SU-2011:0921-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:yast2-core", "p-cpe:/a:novell:opensuse:yast2-core-debuginfo", "p-cpe:/a:novell:opensuse:yast2-core-debugsource", "p-cpe:/a:novell:opensuse:yast2-core-devel", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_YAST2-CORE-110822.NASL", "href": "https://www.tenable.com/plugins/nessus/76052", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update yast2-core-5028.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(76052);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"openSUSE Security Update : yast2-core (openSUSE-SU-2011:0921-2)\");\n script_summary(english:\"Check for the yast2-core-5028 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update contains yast2 core changes to change the hash generation\nof new passwords to the new secure style.\n\nPlease read the general notes below :\n\nThe implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods (CVE-2011-2483).\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y\n\n-> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0 <username>\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-08/msg00038.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected yast2-core packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:yast2-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:yast2-core-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:yast2-core-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:yast2-core-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"yast2-core-2.20.1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"yast2-core-debuginfo-2.20.1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"yast2-core-debugsource-2.20.1-0.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"yast2-core-devel-2.20.1-0.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"yast2-core\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-03T15:01:08", "description": "This update of yast2-core fixes security issues, bugs, and adds a debugging feature.", "cvss3": {}, "published": "2011-12-13T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : yast2-core (ZYPP Patch Number 7726)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_YAST2-CORE-7726.NASL", "href": "https://www.tenable.com/plugins/nessus/57270", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57270);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 10 Security Update : yast2-core (ZYPP Patch Number 7726)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of yast2-core fixes security issues, bugs, and adds a\ndebugging feature.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 7726.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/12/13\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"yast2-core-2.13.48-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"yast2-core-2.13.48-0.8.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:4, reference:\"yast2-core-devel-2.13.48-0.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T15:28:20", "description": "From Red Hat Security Advisory 2011:1378 :\n\nUpdated postgresql84 packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : postgresql84 (ELSA-2011-1378)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql84", "p-cpe:/a:oracle:linux:postgresql84-contrib", "p-cpe:/a:oracle:linux:postgresql84-devel", "p-cpe:/a:oracle:linux:postgresql84-docs", "p-cpe:/a:oracle:linux:postgresql84-libs", "p-cpe:/a:oracle:linux:postgresql84-plperl", "p-cpe:/a:oracle:linux:postgresql84-plpython", "p-cpe:/a:oracle:linux:postgresql84-pltcl", "p-cpe:/a:oracle:linux:postgresql84-python", "p-cpe:/a:oracle:linux:postgresql84-server", "p-cpe:/a:oracle:linux:postgresql84-tcl", "p-cpe:/a:oracle:linux:postgresql84-test", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2011-1378.NASL", "href": "https://www.tenable.com/plugins/nessus/68371", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1378 and \n# Oracle Linux Security Advisory ELSA-2011-1378 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68371);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"RHSA\", value:\"2011:1378\");\n\n script_name(english:\"Oracle Linux 5 : postgresql84 (ELSA-2011-1378)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1378 :\n\nUpdated postgresql84 packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version\n8.4.9. Refer to the PostgreSQL Release Notes for a full list of\nchanges :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002408.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql84 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql84-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-contrib-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-devel-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-docs-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-libs-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plperl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-plpython-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-pltcl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-python-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-server-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-tcl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql84-test-8.4.9-1.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql84 / postgresql84-contrib / postgresql84-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:22:27", "description": "From Red Hat Security Advisory 2011:1377 :\n\nUpdated postgresql packages that fix one security issue are now available for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nFor Red Hat Enterprise Linux 6, the updated postgresql packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Red Hat Enterprise Linux 4 and 5, the updated postgresql packages contain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 4 / 5 / 6 : postgresql (ELSA-2011-1377)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:postgresql", "p-cpe:/a:oracle:linux:postgresql-contrib", "p-cpe:/a:oracle:linux:postgresql-devel", "p-cpe:/a:oracle:linux:postgresql-docs", "p-cpe:/a:oracle:linux:postgresql-jdbc", "p-cpe:/a:oracle:linux:postgresql-libs", "p-cpe:/a:oracle:linux:postgresql-pl", "p-cpe:/a:oracle:linux:postgresql-plperl", "p-cpe:/a:oracle:linux:postgresql-plpython", "p-cpe:/a:oracle:linux:postgresql-pltcl", "p-cpe:/a:oracle:linux:postgresql-python", "p-cpe:/a:oracle:linux:postgresql-server", "p-cpe:/a:oracle:linux:postgresql-tcl", "p-cpe:/a:oracle:linux:postgresql-test", "cpe:/o:oracle:linux:4", "cpe:/o:oracle:linux:5", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2011-1377.NASL", "href": "https://www.tenable.com/plugins/nessus/68370", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2011:1377 and \n# Oracle Linux Security Advisory ELSA-2011-1377 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68370);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n script_bugtraq_id(49241);\n script_xref(name:\"RHSA\", value:\"2011:1377\");\n\n script_name(english:\"Oracle Linux 4 / 5 / 6 : postgresql (ELSA-2011-1377)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2011:1377 :\n\nUpdated postgresql packages that fix one security issue are now\navailable for Red Hat Enterprise Linux 4, 5, and 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nPostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nFor Red Hat Enterprise Linux 6, the updated postgresql packages\nupgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release\nNotes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nFor Red Hat Enterprise Linux 4 and 5, the updated postgresql packages\ncontain a backported patch.\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002405.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002406.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2011-October/002407.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected postgresql packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-jdbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-tcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:postgresql-test\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(4|5|6)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 4 / 5 / 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-contrib-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-devel-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-docs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-jdbc-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-libs-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-pl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-python-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-server-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-tcl-7.4.30-3.el4\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"postgresql-test-7.4.30-3.el4\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"postgresql-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-contrib-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-devel-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-docs-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-libs-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-pl-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-python-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-server-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-tcl-8.1.23-1.el5_7.2\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"postgresql-test-8.1.23-1.el5_7.2\")) flag++;\n\nif (rpm_check(release:\"EL6\", reference:\"postgresql-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-contrib-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-devel-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-docs-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-libs-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plperl-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-plpython-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-pltcl-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-server-8.4.9-1.el6_1.1\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"postgresql-test-8.4.9-1.el6_1.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"postgresql / postgresql-contrib / postgresql-devel / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:40:11", "description": "The implementation of the blowfish based password hashing method had a bug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force methods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing function (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After installing the update existing $2a hashes therefore no longer match hashes generated with the new, correct implementation if the password contains 8bit characters. For system logins via PAM the pam_unix2 module activates a compat mode and keeps processing existing $2a hashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously identify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are advised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords using the blowfish hash do not have such a compat mode. That means users with 8bit passwords that use such services will not be able to log in anymore after the update. As workaround administrators may edit the service's password database and change stored hashes from $2a to $2x. This will result in crypt() using the old algorithm. Users should be required to change their passwords to make sure they are migrated to the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any way? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x -> buggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the password database and change the '$2a' prefix of the affected users' hashes to '$2x'. They will be able to log in again but should change their password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set BLOWFISH_2a2x=no in /etc/default/passwd", "cvss3": {}, "published": "2012-02-06T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : glibc (SAT Patch Number 4944)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:glibc", "p-cpe:/a:novell:suse_linux:11:glibc-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-devel", "p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-html", "p-cpe:/a:novell:suse_linux:11:glibc-i18ndata", "p-cpe:/a:novell:suse_linux:11:glibc-info", "p-cpe:/a:novell:suse_linux:11:glibc-locale", "p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit", "p-cpe:/a:novell:suse_linux:11:glibc-profile", "p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit", "p-cpe:/a:novell:suse_linux:11:libxcrypt", "p-cpe:/a:novell:suse_linux:11:libxcrypt-32bit", "p-cpe:/a:novell:suse_linux:11:nscd", "p-cpe:/a:novell:suse_linux:11:pam-modules", "p-cpe:/a:novell:suse_linux:11:pam-modules-32bit", "p-cpe:/a:novell:suse_linux:11:pwdutils", "p-cpe:/a:novell:suse_linux:11:pwdutils-plugin-audit", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_GLIBC-BLOWFISH-110729.NASL", "href": "https://www.tenable.com/plugins/nessus/57839", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(57839);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 11.1 Security Update : glibc (SAT Patch Number 4944)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The implementation of the blowfish based password hashing method had a\nbug affecting passwords that contain 8bit characters (e.g. umlauts).\nAffected passwords are potentially faster to crack via brute-force\nmethods. (CVE-2011-2483)\n\nSUSE's crypt() implementation supports the blowfish password hashing\nfunction (id $2a) and system logins by default also use this method.\nThis update eliminates the bug in the $2a implementation. After\ninstalling the update existing $2a hashes therefore no longer match\nhashes generated with the new, correct implementation if the password\ncontains 8bit characters. For system logins via PAM the pam_unix2\nmodule activates a compat mode and keeps processing existing $2a\nhashes with the old algorithm. This ensures no user gets locked out.\nNew passwords hashes are created with the id '$2y' to unambiguously\nidentify them as generated with the correct implementation.\n\nNote: To actually migrate hashes to the new algorithm all users are\nadvised to change passwords after the update.\n\nServices that do not use PAM but do use crypt() to store passwords\nusing the blowfish hash do not have such a compat mode. That means\nusers with 8bit passwords that use such services will not be able to\nlog in anymore after the update. As workaround administrators may edit\nthe service's password database and change stored hashes from $2a to\n$2x. This will result in crypt() using the old algorithm. Users should\nbe required to change their passwords to make sure they are migrated\nto the correct algorithm.\n\nFAQ :\n\nQ: I only use ASCII characters in passwords, am I a affected in any\nway? A: No.\n\nQ: What's the meaning of the ids before and after the update? A:\nBefore the update: $2a -> buggy algorithm\n\nAfter the update: $2x -> buggy algorithm $2a -> correct algorithm $2y\n-> correct algorithm\n\nSystem logins using PAM have a compat mode enabled by default: $2x ->\nbuggy algorithm $2a -> buggy algorithm $2y -> correct algorithm\n\nQ: How do I require users to change their password on next login? A:\nRun the following command as root for each user: chage -d 0\n\nQ: I run an application that has $2a hashes in it's password database.\nSome users complain that they can not log in anymore. A: Edit the\npassword database and change the '$2a' prefix of the affected users'\nhashes to '$2x'. They will be able to log in again but should change\ntheir password ASAP.\n\nQ: How do I turn off the compat mode for system logins? A: Set\nBLOWFISH_2a2x=no in /etc/default/passwd\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=645140\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=680833\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 4944.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-i18ndata\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-info\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-locale-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:glibc-profile-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libxcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:libxcrypt-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:nscd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pam-modules\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pam-modules-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pwdutils\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:pwdutils-plugin-audit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/07/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/02/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-devel-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-i18ndata-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"glibc-locale-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"libxcrypt-3.0.3-0.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"nscd-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"pam-modules-11-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"pwdutils-3.2.8-0.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i686\", reference:\"glibc-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i686\", reference:\"glibc-devel-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-i18ndata-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libxcrypt-3.0.3-0.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-0.4.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"nscd-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"pam-modules-11-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"pam-modules-32bit-11-1.18.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"pwdutils-3.2.8-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-devel-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-html-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-i18ndata-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-info-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-locale-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"glibc-profile-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"libxcrypt-3.0.3-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"nscd-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"pam-modules-11-1.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"pwdutils-3.2.8-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"pwdutils-plugin-audit-3.2.8-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-devel-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-locale-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"glibc-profile-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"libxcrypt-32bit-3.0.3-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"s390x\", reference:\"pam-modules-32bit-11-1.18.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-devel-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-locale-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"glibc-profile-32bit-2.11.1-0.32.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"libxcrypt-32bit-3.0.3-0.4.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, cpu:\"x86_64\", reference:\"pam-modules-32bit-11-1.18.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:47:06", "description": "PostgreSQL is an advanced object-relational database management system (DBMS).\n\nA signedness issue was found in the way the crypt() function in the PostgreSQL pgcrypto module handled 8-bit characters in passwords when using Blowfish hashing. Up to three characters immediately preceding a non-ASCII character (one with the high bit set) had no effect on the hash result, thus shortening the effective password length. This made brute-force guessing more efficient as several different passwords were hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some users may not be able to log in to applications that store user passwords, hashed with Blowfish using the PostgreSQL crypt() function, in a back-end PostgreSQL database. Unsafe processing can be re-enabled for specific passwords (allowing affected users to log in) by changing their hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version 8.4.9. Refer to the PostgreSQL Release Notes for a full list of changes :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages, which correct this issue. If the postgresql service is running, it will be automatically restarted after installing this update.", "cvss3": {}, "published": "2012-08-01T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-14T00:00:00", "cpe": ["x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20111017_POSTGRESQL84_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/61154", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(61154);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"Scientific Linux Security Update : postgresql84 on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL is an advanced object-relational database management system\n(DBMS).\n\nA signedness issue was found in the way the crypt() function in the\nPostgreSQL pgcrypto module handled 8-bit characters in passwords when\nusing Blowfish hashing. Up to three characters immediately preceding a\nnon-ASCII character (one with the high bit set) had no effect on the\nhash result, thus shortening the effective password length. This made\nbrute-force guessing more efficient as several different passwords\nwere hashed to the same value. (CVE-2011-2483)\n\nNote: Due to the CVE-2011-2483 fix, after installing this update some\nusers may not be able to log in to applications that store user\npasswords, hashed with Blowfish using the PostgreSQL crypt() function,\nin a back-end PostgreSQL database. Unsafe processing can be re-enabled\nfor specific passwords (allowing affected users to log in) by changing\ntheir hash prefix to '$2x$'.\n\nThese updated postgresql84 packages upgrade PostgreSQL to version\n8.4.9. Refer to the PostgreSQL Release Notes for a full list of\nchanges :\n\nhttp://www.postgresql.org/docs/8.4/static/release.html\n\nAll PostgreSQL users are advised to upgrade to these updated packages,\nwhich correct this issue. If the postgresql service is running, it\nwill be automatically restarted after installing this update.\"\n );\n # http://www.postgresql.org/docs/8.4/static/release.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release.html\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1110&L=scientific-linux-errata&T=0&P=1453\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f78efe70\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/10/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-contrib-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-debuginfo-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-devel-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-docs-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-libs-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plperl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-plpython-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-pltcl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-python-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-server-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-tcl-8.4.9-1.el5_7.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"postgresql84-test-8.4.9-1.el5_7.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:25:30", "description": "This update of yast2-core fixes security issues and a bug :\n\n - When setting a password for a user, use blowfish algorithm id 2y instead of 2a. (bnc#700876 / CVE-2011-2483)\n\n - Log YCP client arguments only with y2debug, not to reveal AutoYaST passwords. (bnc#492746)\n\n - ini-agent: Fixed a test failure 'wrong stderr for nonex' (bnc#706705)", "cvss3": {}, "published": "2011-09-01T00:00:00", "type": "nessus", "title": "SuSE 11.1 Security Update : yast2-core (SAT Patch Number 5078)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:yast2-core", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_YAST2-CORE-110830.NASL", "href": "https://www.tenable.com/plugins/nessus/56034", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(56034);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\");\n\n script_name(english:\"SuSE 11.1 Security Update : yast2-core (SAT Patch Number 5078)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update of yast2-core fixes security issues and a bug :\n\n - When setting a password for a user, use blowfish\n algorithm id 2y instead of 2a. (bnc#700876 /\n CVE-2011-2483)\n\n - Log YCP client arguments only with y2debug, not to\n reveal AutoYaST passwords. (bnc#492746)\n\n - ini-agent: Fixed a test failure 'wrong stderr for nonex'\n (bnc#706705)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=492746\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=706705\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2483.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 5078.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:yast2-core\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/09/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 1) audit(AUDIT_OS_NOT, \"SuSE 11.1\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"i586\", reference:\"yast2-core-2.17.35.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:1, cpu:\"x86_64\", reference:\"yast2-core-2.17.35.3-0.3.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:1, reference:\"yast2-core-2.17.35.3-0.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:51:41", "description": "The remote host is affected by the vulnerability described in GLSA-201209-24 (PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could spoof SSL connections. Furthermore, a remote authenticated attacker could cause a Denial of Service, read and write arbitrary files, inject SQL commands into dump scripts, or bypass database restrictions to execute database functions.\n A context-dependent attacker could more easily obtain access via authentication attempts with an initial substring of the intended password.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2012-09-29T00:00:00", "type": "nessus", "title": "GLSA-201209-24 : PostgreSQL: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0867", "CVE-2012-0868", "CVE-2012-2143", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:postgresql-server", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201209-24.NASL", "href": "https://www.tenable.com/plugins/nessus/62380", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201209-24.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(62380);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\", \"CVE-2012-2143\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n script_bugtraq_id(52188, 53729, 53812, 55072, 55074);\n script_xref(name:\"GLSA\", value:\"201209-24\");\n\n script_name(english:\"GLSA-201209-24 : PostgreSQL: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201209-24\n(PostgreSQL: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in PostgreSQL. Please\n review the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could spoof SSL connections. Furthermore, a remote\n authenticated attacker could cause a Denial of Service, read and write\n arbitrary files, inject SQL commands into dump scripts, or bypass\n database restrictions to execute database functions.\n A context-dependent attacker could more easily obtain access via\n authentication attempts with an initial substring of the intended\n password.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201209-24\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All PostgreSQL 9.1 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-9.1.5'\n All PostgreSQL 9.0 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-9.0.9'\n All PostgreSQL 8.4 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-8.4.13'\n All PostgreSQL 8.3 server users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/postgresql-server-8.3.20'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/09/29\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/postgresql-server\", unaffected:make_list(\"ge 9.1.5\", \"rge 9.0.9\", \"rge 8.4.13\", \"rge 8.3.20\", \"rge 8.4.17\", \"rge 8.4.19\", \"rge 9.0.13\", \"rge 9.0.14\", \"rge 9.0.15\", \"rge 8.4.14\", \"rge 8.4.15\", \"rge 8.4.16\", \"rge 9.0.16\", \"rge 9.0.17\"), vulnerable:make_list(\"lt 9.1.5\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:qpkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PostgreSQL\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T14:44:51", "description": "Multiple vulnerabilities has been discovered and corrected in postgresql :\n\nFix incorrect password transformation in contrib/pgcrypto's DES crypt() function (Solar Designer). If a password string contained the byte value 0x80, the remainder of the password was ignored, causing the password to be much weaker than it appeared. With this fix, the rest of the string is properly included in the DES hash. Any stored password values that are affected by this bug will thus no longer match, so the stored values may need to be updated (CVE-2012-2143).\n\nIgnore SECURITY DEFINER and SET attributes for a procedural language's call handler (Tom Lane). Applying such attributes to a call handler could crash the server (CVE-2012-2655).\n\nThis advisory provides the latest versions of PostgreSQL that is not vulnerable to these issues.", "cvss3": {}, "published": "2012-06-15T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-2143", "CVE-2012-2655"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:lib64ecpg8.4_6", "p-cpe:/a:mandriva:linux:lib64ecpg9.0_6", "p-cpe:/a:mandriva:linux:lib64pq8.4_5", "p-cpe:/a:mandriva:linux:lib64pq9.0_5", "p-cpe:/a:mandriva:linux:libecpg8.4_6", "p-cpe:/a:mandriva:linux:libecpg9.0_6", "p-cpe:/a:mandriva:linux:libpq8.4_5", "p-cpe:/a:mandriva:linux:libpq9.0_5", "p-cpe:/a:mandriva:linux:postgresql8.4", "p-cpe:/a:mandriva:linux:postgresql8.4-contrib", "p-cpe:/a:mandriva:linux:postgresql8.4-devel", "p-cpe:/a:mandriva:linux:postgresql8.4-docs", "p-cpe:/a:mandriva:linux:postgresql8.4-pl", "p-cpe:/a:mandriva:linux:postgresql8.4-plperl", "p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql", "p-cpe:/a:mandriva:linux:postgresql8.4-plpython", "p-cpe:/a:mandriva:linux:postgresql8.4-pltcl", "p-cpe:/a:mandriva:linux:postgresql8.4-server", "p-cpe:/a:mandriva:linux:postgresql9.0", "p-cpe:/a:mandriva:linux:postgresql9.0-contrib", "p-cpe:/a:mandriva:linux:postgresql9.0-devel", "p-cpe:/a:mandriva:linux:postgresql9.0-docs", "p-cpe:/a:mandriva:linux:postgresql9.0-pl", "p-cpe:/a:mandriva:linux:postgresql9.0-plperl", "p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql", "p-cpe:/a:mandriva:linux:postgresql9.0-plpython", "p-cpe:/a:mandriva:linux:postgresql9.0-pltcl", "p-cpe:/a:mandriva:linux:postgresql9.0-server", "cpe:/o:mandriva:linux:2010.1", "cpe:/o:mandriva:linux:2011"], "id": "MANDRIVA_MDVSA-2012-092.NASL", "href": "https://www.tenable.com/plugins/nessus/59518", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2012:092. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59518);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-2143\", \"CVE-2012-2655\");\n script_bugtraq_id(53729, 53812);\n script_xref(name:\"MDVSA\", value:\"2012:092\");\n\n script_name(english:\"Mandriva Linux Security Advisory : postgresql (MDVSA-2012:092)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities has been discovered and corrected in\npostgresql :\n\nFix incorrect password transformation in contrib/pgcrypto's DES\ncrypt() function (Solar Designer). If a password string contained the\nbyte value 0x80, the remainder of the password was ignored, causing\nthe password to be much weaker than it appeared. With this fix, the\nrest of the string is properly included in the DES hash. Any stored\npassword values that are affected by this bug will thus no longer\nmatch, so the stored values may need to be updated (CVE-2012-2143).\n\nIgnore SECURITY DEFINER and SET attributes for a procedural language's\ncall handler (Tom Lane). Applying such attributes to a call handler\ncould crash the server (CVE-2012-2655).\n\nThis advisory provides the latest versions of PostgreSQL that is not\nvulnerable to these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.3/release-8-3-19.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/8.4/release-8-4-12.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.postgresql.org/docs/9.0/release-9-0-8.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:ND\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64ecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64pq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg8.4_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libecpg9.0_6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq8.4_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libpq9.0_5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql8.4-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plperl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-plpython\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-pltcl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:postgresql9.0-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2010.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2011\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64ecpg8.4_6-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"x86_64\", reference:\"lib64pq8.4_5-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libecpg8.4_6-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", cpu:\"i386\", reference:\"libpq8.4_5-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-contrib-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-devel-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-docs-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pl-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plperl-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpgsql-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-plpython-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-pltcl-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2010.1\", reference:\"postgresql8.4-server-8.4.12-0.1mdv2010.2\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64ecpg9.0_6-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"x86_64\", reference:\"lib64pq9.0_5-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libecpg9.0_6-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", cpu:\"i386\", reference:\"libpq9.0_5-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-contrib-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-devel-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-docs-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pl-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plperl-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpgsql-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-plpython-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-pltcl-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2011\", reference:\"postgresql9.0-server-9.0.8-0.1-mdv2011.0\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:09:45", "description": "The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash (CVE-2011-2483). After this update existing hashes with id '$2a$' for passwords that contain 8-bit characters will no longer be compatible with newly generated hashes. Affected users will either have to change their password to store a new hash or the id of the existing hash has to be manually changed to '$2x$' in order to activate a compat mode. Please see the description of the CVE-2011-2483 glibc update for details.\n\nFile uploads could potentially overwrite files owned by the user running php (CVE-2011-2202).\n\nA long salt argument to the crypt function could cause a buffer overflow (CVE-2011-3268)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:1137-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3268"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-hash", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zlib", "cpe:/o:novell:opensuse:11.3"], "id": "SUSE_11_3_APACHE2-MOD_PHP5-110907.NASL", "href": "https://www.tenable.com/plugins/nessus/75433", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-5112.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75433);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3268\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:1137-1)\");\n script_summary(english:\"Check for the apache2-mod_php5-5112 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The blowfish password hashing implementation did not properly handle\n8-characters in passwords, which made it easier for attackers to crack\nthe hash (CVE-2011-2483). After this update existing hashes with id\n'$2a$' for passwords that contain 8-bit characters will no longer be\ncompatible with newly generated hashes. Affected users will either\nhave to change their password to store a new hash or the id of the\nexisting hash has to be manually changed to '$2x$' in order to\nactivate a compat mode. Please see the description of the\nCVE-2011-2483 glibc update for details.\n\nFile uploads could potentially overwrite files owned by the user\nrunning php (CVE-2011-2202).\n\nA long salt argument to the crypt function could cause a buffer\noverflow (CVE-2011-3268)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=699711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=701491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=709549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=715646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-10/msg00014.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.3\", reference:\"apache2-mod_php5-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-bcmath-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-bz2-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-calendar-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-ctype-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-curl-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-dba-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-devel-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-dom-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-enchant-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-exif-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-fastcgi-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-fileinfo-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-ftp-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-gd-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-gettext-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-gmp-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-hash-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-iconv-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-imap-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-intl-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-json-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-ldap-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-mbstring-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-mcrypt-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-mysql-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-odbc-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-openssl-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pcntl-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pdo-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pear-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pgsql-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-phar-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-posix-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-pspell-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-readline-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-shmop-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-snmp-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-soap-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sockets-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sqlite-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-suhosin-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sysvmsg-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sysvsem-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-sysvshm-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-tidy-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-tokenizer-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-wddx-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xmlreader-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xmlrpc-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xmlwriter-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-xsl-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-zip-5.3.3-0.21.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.3\", reference:\"php5-zlib-5.3.3-0.21.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / php5 / php5-bcmath / php5-bz2 / php5-calendar / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:26:55", "description": "According to its banner, the version of PHP installed on the remote host is 5.4.x earlier than 5.4.0, and, therefore, potentially affected by multiple vulnerabilities :\n\n - crypt_blowfish as used in PHP does not properly handle 8-bit characters, which makes it easier for context-dependent attackers to determine a cleartext password by leveraging knowledge of a password hash.\n (CVE-2011-2483)\n\n - Multiple NULL Pointer Dereference with the zend_strndup() fucntion could allow a remote attacker to cause a denial of service. (CVE-2011-4153)\n\n - A flaw in SSL sockets with SSL 3.0 / TLS 1.0 was addressed. (CVE-2011-3389)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2019-03-04T00:00:00", "type": "nessus", "title": "PHP 5.4.x < 5.4.0 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483", "CVE-2011-3389", "CVE-2011-4153"], "modified": "2022-12-05T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "PHP_5_4_0.NASL", "href": "https://www.tenable.com/plugins/nessus/122590", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(122590);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/05\");\n\n script_cve_id(\"CVE-2011-2483\", \"CVE-2011-3389\", \"CVE-2011-4153\");\n script_bugtraq_id(49241, 49778, 51417);\n script_xref(name:\"CEA-ID\", value:\"CEA-2019-0547\");\n\n script_name(english:\"PHP 5.4.x < 5.4.0 Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote web server uses a version of PHP that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to its banner, the version of PHP installed on the remote\nhost is 5.4.x earlier than 5.4.0, and, therefore, potentially affected\nby multiple vulnerabilities :\n\n - crypt_blowfish as used in PHP does not properly handle\n 8-bit characters, which makes it easier for\n context-dependent attackers to determine a cleartext\n password by leveraging knowledge of a password hash.\n (CVE-2011-2483)\n\n - Multiple NULL Pointer Dereference with the\n zend_strndup() fucntion could allow a remote attacker\n to cause a denial of service. (CVE-2011-4153)\n\n - A flaw in SSL sockets with SSL 3.0 / TLS 1.0 was\n addressed. (CVE-2011-3389)\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.php.net/bug.php?id=55748\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.php.net/ChangeLog-5.php#5.4.0\");\n script_set_attribute(attribute:\"see_also\", value:\"http://php.net/releases/5_4_0.php\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to PHP version 5.4.0 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2011-2483\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/03/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:php:php\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CGI abuses\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"php_version.nasl\");\n script_require_keys(\"www/PHP\");\n script_require_ports(\"Services/www\", 80);\n\n exit(0);\n}\n\ninclude(\"global_settings.inc\");\ninclude(\"audit.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"http.inc\");\ninclude(\"webapp_func.inc\");\n\nport = get_http_port(default:80, php:TRUE);\n\nphp = get_php_from_kb(\n port : port,\n exit_on_fail : TRUE\n);\n\nversion = php[\"ver\"];\nsource = php[\"src\"];\n\nbackported = get_kb_item('www/php/'+port+'/'+version+'/backported');\n\nif (report_paranoia < 2 && backported)\n audit(AUDIT_BACKPORT_SERVICE, port, \"PHP \"+version+\" install\");\n\nif (version =~ \"^5(\\.4)?$\") audit(AUDIT_VER_NOT_GRANULAR, \"PHP\", port, version);\nif (version !~ \"^5\\.4\\.\") audit(AUDIT_NOT_DETECT, \"PHP version 5.4.x\", port);\n\nif (version =~ \"^5\\.4\\.0(alpha|beta|rc|RC)\")\n{\n report =\n '\\n Version source : '+source +\n '\\n Installed version : '+version+\n '\\n Fixed version : 5.4.0\\n';\n security_report_v4(severity:SECURITY_WARNING, port:port, extra:report);\n exit(0);\n}\nelse audit(AUDIT_LISTEN_NOT_VULN, \"PHP\", port, version);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:37", "description": "Versions of PHP 5.3 earlier than 5.3.7 are potentially affected by multiple vulnerabilities : \n\n - A stack buffer overflow exists in socket_connect(). (CVE-2011-1938)\n\n - A use-after-free vulnerability exists in substr_replace(). (CVE-2011-1148)\n\n - A code execution vulnerability exists in ZipArchive: : addGlob(). (CVE-2011-1657)\n\n - crypt_blowfish was updated to 1.2. (CVE-2011-2483)\n\n - Multiple null pointer dereferences exist.\n\n - An unspecified crash exists in error_log().\n\n - A buffer overflow vulnerability exists in crypt().", "cvss3": {}, "published": "2011-08-23T00:00:00", "type": "nessus", "title": "PHP 5.3 < 5.3.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2483"], "modified": "2011-08-23T00:00:00", "cpe": [], "id": "801087.PRM", "href": "https://www.tenable.com/plugins/lce/801087", "sourceData": "Binary data 801087.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:19:45", "description": "The blowfish password hashing implementation did not properly handle 8-characters in passwords, which made it easier for attackers to crack the hash (CVE-2011-2483). After this update existing hashes with id '$2a$' for passwords that contain 8-bit characters will no longer be compatible with newly generated hashes. Affected users will either have to change their password to store a new hash or the id of the existing hash has to be manually changed to '$2x$' in order to activate a compat mode. Please see the description of the CVE-2011-2483 glibc update for details.\n\nFile uploads could potentially overwrite files owned by the user running php (CVE-2011-2202).\n\nA long salt argument to the crypt function could cause a buffer overflow (CVE-2011-3268)\n\nIncorrect implementation of the error_log function could crash php (CVE-2011-3267)", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:1138-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2202", "CVE-2011-2483", "CVE-2011-3267", "CVE-2011-3268"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:php5-json", "p-cpe:/a:novell:opensuse:php5-json-debuginfo", "p-cpe:/a:novell:opensuse:php5-ldap", "p-cpe:/a:novell:opensuse:php5-ldap-debuginfo", "p-cpe:/a:novell:opensuse:php5-mbstring", "p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo", "p-cpe:/a:novell:opensuse:php5-mcrypt", "p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo", "p-cpe:/a:novell:opensuse:php5-mysql", "p-cpe:/a:novell:opensuse:php5-mysql-debuginfo", "p-cpe:/a:novell:opensuse:php5-odbc", "p-cpe:/a:novell:opensuse:php5-odbc-debuginfo", "p-cpe:/a:novell:opensuse:php5-openssl", "p-cpe:/a:novell:opensuse:php5-openssl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pcntl", "p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo", "p-cpe:/a:novell:opensuse:php5-pdo", "p-cpe:/a:novell:opensuse:php5-pdo-debuginfo", "p-cpe:/a:novell:opensuse:apache2-mod_php5", "p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo", "p-cpe:/a:novell:opensuse:php5", "p-cpe:/a:novell:opensuse:php5-bcmath", "p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo", "p-cpe:/a:novell:opensuse:php5-bz2", "p-cpe:/a:novell:opensuse:php5-bz2-debuginfo", "p-cpe:/a:novell:opensuse:php5-calendar", "p-cpe:/a:novell:opensuse:php5-calendar-debuginfo", "p-cpe:/a:novell:opensuse:php5-ctype", "p-cpe:/a:novell:opensuse:php5-ctype-debuginfo", "p-cpe:/a:novell:opensuse:php5-curl", "p-cpe:/a:novell:opensuse:php5-curl-debuginfo", "p-cpe:/a:novell:opensuse:php5-dba", "p-cpe:/a:novell:opensuse:php5-dba-debuginfo", "p-cpe:/a:novell:opensuse:php5-debuginfo", "p-cpe:/a:novell:opensuse:php5-debugsource", "p-cpe:/a:novell:opensuse:php5-devel", "p-cpe:/a:novell:opensuse:php5-dom", "p-cpe:/a:novell:opensuse:php5-dom-debuginfo", "p-cpe:/a:novell:opensuse:php5-enchant", "p-cpe:/a:novell:opensuse:php5-enchant-debuginfo", "p-cpe:/a:novell:opensuse:php5-exif", "p-cpe:/a:novell:opensuse:php5-exif-debuginfo", "p-cpe:/a:novell:opensuse:php5-fastcgi", "p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo", "p-cpe:/a:novell:opensuse:php5-fileinfo", "p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo", "p-cpe:/a:novell:opensuse:php5-fpm", "p-cpe:/a:novell:opensuse:php5-fpm-debuginfo", "p-cpe:/a:novell:opensuse:php5-ftp", "p-cpe:/a:novell:opensuse:php5-ftp-debuginfo", "p-cpe:/a:novell:opensuse:php5-gd", "p-cpe:/a:novell:opensuse:php5-gd-debuginfo", "p-cpe:/a:novell:opensuse:php5-gettext", "p-cpe:/a:novell:opensuse:php5-gettext-debuginfo", "p-cpe:/a:novell:opensuse:php5-gmp", "p-cpe:/a:novell:opensuse:php5-gmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-hash", "p-cpe:/a:novell:opensuse:php5-hash-debuginfo", "p-cpe:/a:novell:opensuse:php5-iconv", "p-cpe:/a:novell:opensuse:php5-iconv-debuginfo", "p-cpe:/a:novell:opensuse:php5-imap", "p-cpe:/a:novell:opensuse:php5-imap-debuginfo", "p-cpe:/a:novell:opensuse:php5-intl", "p-cpe:/a:novell:opensuse:php5-intl-debuginfo", "p-cpe:/a:novell:opensuse:php5-posix", "p-cpe:/a:novell:opensuse:php5-posix-debuginfo", "p-cpe:/a:novell:opensuse:php5-pspell", "p-cpe:/a:novell:opensuse:php5-pspell-debuginfo", "p-cpe:/a:novell:opensuse:php5-readline", "p-cpe:/a:novell:opensuse:php5-readline-debuginfo", "p-cpe:/a:novell:opensuse:php5-shmop", "p-cpe:/a:novell:opensuse:php5-shmop-debuginfo", "p-cpe:/a:novell:opensuse:php5-snmp", "p-cpe:/a:novell:opensuse:php5-snmp-debuginfo", "p-cpe:/a:novell:opensuse:php5-soap", "p-cpe:/a:novell:opensuse:php5-soap-debuginfo", "p-cpe:/a:novell:opensuse:php5-sockets", "p-cpe:/a:novell:opensuse:php5-sockets-debuginfo", "p-cpe:/a:novell:opensuse:php5-pear", "p-cpe:/a:novell:opensuse:php5-pgsql", "p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo", "p-cpe:/a:novell:opensuse:php5-phar", "p-cpe:/a:novell:opensuse:php5-phar-debuginfo", "p-cpe:/a:novell:opensuse:php5-sqlite", "p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo", "p-cpe:/a:novell:opensuse:php5-suhosin", "p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvmsg", "p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvsem", "p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo", "p-cpe:/a:novell:opensuse:php5-sysvshm", "p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo", "p-cpe:/a:novell:opensuse:php5-tidy", "p-cpe:/a:novell:opensuse:php5-tidy-debuginfo", "p-cpe:/a:novell:opensuse:php5-tokenizer", "p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo", "p-cpe:/a:novell:opensuse:php5-wddx", "p-cpe:/a:novell:opensuse:php5-wddx-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlreader", "p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlrpc", "p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo", "p-cpe:/a:novell:opensuse:php5-xmlwriter", "p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo", "p-cpe:/a:novell:opensuse:php5-xsl", "p-cpe:/a:novell:opensuse:php5-xsl-debuginfo", "p-cpe:/a:novell:opensuse:php5-zip", "p-cpe:/a:novell:opensuse:php5-zip-debuginfo", "p-cpe:/a:novell:opensuse:php5-zlib", "p-cpe:/a:novell:opensuse:php5-zlib-debuginfo", "cpe:/o:novell:opensuse:11.4"], "id": "SUSE_11_4_APACHE2-MOD_PHP5-110907.NASL", "href": "https://www.tenable.com/plugins/nessus/75791", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update apache2-mod_php5-5113.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(75791);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-2202\", \"CVE-2011-2483\", \"CVE-2011-3267\", \"CVE-2011-3268\");\n\n script_name(english:\"openSUSE Security Update : apache2-mod_php5 (openSUSE-SU-2011:1138-1)\");\n script_summary(english:\"Check for the apache2-mod_php5-5113 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The blowfish password hashing implementation did not properly handle\n8-characters in passwords, which made it easier for attackers to crack\nthe hash (CVE-2011-2483). After this update existing hashes with id\n'$2a$' for passwords that contain 8-bit characters will no longer be\ncompatible with newly generated hashes. Affected users will either\nhave to change their password to store a new hash or the id of the\nexisting hash has to be manually changed to '$2x$' in order to\nactivate a compat mode. Please see the description of the\nCVE-2011-2483 glibc update for details.\n\nFile uploads could potentially overwrite files owned by the user\nrunning php (CVE-2011-2202).\n\nA long salt argument to the crypt function could cause a buffer\noverflow (CVE-2011-3268)\n\nIncorrect implementation of the error_log function could crash php\n(CVE-2011-3267)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=699711\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=701491\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=709549\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=715640\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=715646\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2011-10/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected apache2-mod_php5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:apache2-mod_php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bcmath-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-bz2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-calendar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ctype-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-curl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dba-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-dom-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-enchant-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-exif-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fastcgi-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fileinfo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-fpm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ftp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gettext-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-gmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-hash-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-iconv-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-imap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-intl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-ldap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mbstring-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mcrypt-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-mysql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-odbc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-openssl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pcntl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pdo-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pear\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pgsql-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-phar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-posix-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-pspell-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-readline-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-shmop-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-snmp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-soap-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sockets-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sqlite-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-suhosin-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvmsg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvsem-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-sysvshm-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tidy-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-tokenizer-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-wddx-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlreader-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlrpc-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xmlwriter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-xsl-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zip-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:php5-zlib-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.4)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.4\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-mod_php5-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"apache2-mod_php5-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-bcmath-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-bcmath-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-bz2-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-bz2-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-calendar-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-calendar-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-ctype-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-ctype-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-curl-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-curl-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-dba-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-dba-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-debugsource-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-devel-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-dom-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-dom-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-enchant-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-enchant-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-exif-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-exif-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-fastcgi-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-fastcgi-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-fileinfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-fileinfo-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-fpm-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-fpm-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-ftp-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-ftp-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-gd-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-gd-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-gettext-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-gettext-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-gmp-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-gmp-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-hash-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-hash-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-iconv-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-iconv-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-imap-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-imap-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-intl-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-intl-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-json-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-json-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-ldap-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-ldap-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-mbstring-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-mbstring-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-mcrypt-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-mcrypt-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-mysql-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-mysql-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-odbc-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-odbc-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-openssl-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-openssl-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pcntl-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pcntl-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pdo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pdo-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pear-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pgsql-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pgsql-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-phar-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-phar-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-posix-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-posix-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pspell-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-pspell-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-readline-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-readline-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-shmop-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-shmop-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-snmp-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-snmp-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-soap-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-soap-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sockets-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sockets-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sqlite-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sqlite-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-suhosin-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-suhosin-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sysvmsg-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sysvmsg-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sysvsem-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sysvsem-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sysvshm-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-sysvshm-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-tidy-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-tidy-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-tokenizer-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-tokenizer-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-wddx-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-wddx-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xmlreader-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xmlreader-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xmlrpc-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xmlrpc-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xmlwriter-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xmlwriter-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xsl-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-xsl-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-zip-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-zip-debuginfo-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-zlib-5.3.5-5.16.1\") ) flag++;\nif ( rpm_check(release:\"SUSE11.4\", reference:\"php5-zlib-debuginfo-5.3.5-5.16.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"apache2-mod_php5 / php5 / php5-bcmath / php5-bz2 / php5-calendar / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:22:38", "description": "Versions of PHP 5.3 earlier than 5.3.7 are potentially affected by multiple vulnerabilities : \n\n - A stack buffer overflow exists in socket_connect(). (CVE-2011-1938)\n\n - A use-after-free vulnerability exists in substr_replace(). (CVE-2011-1148)\n\n - A code execution vulnerability exists in ZipArchive: : addGlob(). (CVE-2011-1657)\n\n - crypt_blowfish was updated to 1.2. (CVE-2011-2483)\n\n - Multiple null pointer dereferences exist.\n\n - An unspecified crash exists in error_log().\n\n - A buffer overflow vulnerability exists in crypt().\n - A flaw exists in the php_win32_get_random_bytes() function when passing MCRYPT_DEV_URANDOM as source to mcrypt_create_iv(). A remote attacker can exploit this to cause a denial of service condition.", "cvss3": {}, "published": "2011-08-23T00:00:00", "type": "nessus", "title": "PHP 5.3.x < 5.3.7 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1657", "CVE-2011-1938", "CVE-2011-2483"], "modified": "2019-03-06T00:00:00", "cpe": ["cpe:/a:php:php"], "id": "6015.PRM", "href": "https://www.tenable.com/plugins/nnm/6015", "sourceData": "Binary data 6015.prm", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-05T15:06:00", "description": "PostgreSQL was updated to the latest stable release 8.1.23, fixing various bugs and security issues.\n\nThe following security issues have been fixed :\n\n - CVE-2012-3488: This update fixes arbitrary read and write of files via XSL functionality.\n\n - CVE-2012-2655: postgresql: denial of service (stack exhaustion) via specially crafted SQL.\n\n - CVE-2011-2483: crypt_blowfish was mishandling 8 bit characters.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-20T00:00:00", "type": "nessus", "title": "SUSE SLED10 / SLES10 Security Update : PostgreSQL (SUSE-SU-2012:1336-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2483", "CVE-2012-2655", "CVE-2012-3488", "CVE-2012-3489"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:postgresql", "p-cpe:/a:novell:suse_linux:postgresql-contrib", "p-cpe:/a:novell:suse_linux:postgresql-devel", "p-cpe:/a:novell:suse_linux:postgresql-docs", "p-cpe:/a:novell:suse_linux:postgresql-libs", "p-cpe:/a:novell:suse_linux:postgresql-pl", "p-cpe:/a:novell:suse_linux:postgresql-server", "cpe:/o:novell:suse_linux:10"], "id": "SUSE_SU-2012-1336-1.NASL", "href": "https://www.tenable.com/plugins/nessus/83561", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2012:1336-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83561);\n script_version(\"2.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2483\", \"CVE-2012-2655\", \"CVE-2012-3488\", \"CVE-2012-3489\");\n script_bugtraq_id(49241, 53812, 55072, 55074);\n\n script_name(english:\"SUSE SLED10 / SLES10 Security Update : PostgreSQL (SUSE-SU-2012:1336-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PostgreSQL was updated to the latest stable release 8.1.23, fixing\nvarious bugs and security issues.\n\nThe following security issues have been fixed :\n\n - CVE-2012-3488: This update fixes arbitrary read and\n write of files via XSL functionality.\n\n - CVE-2012-2655: postgresql: denial of service (stack\n exhaustion) via specially crafted SQL.\n\n - CVE-2011-2483: crypt_blowfish was mishandling 8 bit\n characters.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n # http://download.suse.com/patch/finder/?keywords=ee84db0d1f4471abd4ab51536636eb1e\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d6a8ab54\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3488.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-3489.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/700876\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/765069\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/770193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/776523\"\n );\n # https://www.suse.com/support/update/announcement/2012/suse-su-20121336-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9cf9ff4f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected PostgreSQL packages\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-contrib\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-pl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:postgresql-server\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = eregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^(SLED10|SLES10)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED10 / SLES10\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED10\" && (! ereg(pattern:\"^4$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED10 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLES10\" && (! ereg(pattern:\"^4$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES10 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"x86_64\", reference:\"postgresql-devel-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"x86_64\", reference:\"postgresql-libs-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"x86_64\", reference:\"postgresql-libs-32bit-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"i586\", reference:\"postgresql-devel-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:\"4\", cpu:\"i586\", reference:\"postgresql-libs-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"x86_64\", reference:\"postgresql-libs-32bit-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", cpu:\"s390x\", reference:\"postgresql-libs-32bit-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-contrib-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-devel-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-docs-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-libs-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-pl-8.1.23-0.11.1\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:\"4\", reference:\"postgresql-server-8.1.23-0.11.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"PostgreSQL\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-12-04T14:41:23", "description": "PHP development team reports :\n\nSecurity Enhancements and Fixes in PHP 5.3.7 :\n\n- Updated crypt_blowfish to 1.2. (CVE-2011-2483)\n\n- Fixed crash in error_log(). Reported by Mateusz Kocielski\n\n- Fixed buffer overflow on overlog salt in crypt().\n\n- Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)\n\n- Fixed stack-based buffer overflow in socket_connect(). (CVE-2011-1938)\n\n- Fixed bug #54238 (use-after-free in substr_replace()).\n(CVE-2011-1148)", "cvss3": {}, "published": "2011-08-20T00:00:00", "type": "nessus", "title": "FreeBSD : php -- multiple vulnerabilities (057bf770-cac4-11e0-aea3-00215c6a37bb)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-1148", "CVE-2011-1938", "CVE-2011-2202", "CVE-2011-2483"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:php5", "p-cpe:/a:freebsd:freebsd:php5-sockets", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_057BF770CAC411E0AEA300215C6A37BB.NASL", "href": "https://www.tenable.com/plugins/nessus/55912", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(55912);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-1148\", \"CVE-2011-1938\", \"CVE-2011-2202\", \"CVE-2011-2483\");\n script_bugtraq_id(49241);\n\n script_name(english:\"FreeBSD : php -- multiple vulnerabilities (057bf770-cac4-11e0-aea3-00215c6a37bb)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"PHP development team reports :\n\nSecurity Enhancements and Fixes in PHP 5.3.7 :\n\n- Updated crypt_blowfish to 1.2. (CVE-2011-2483)\n\n- Fixed crash in error_log(). Reported by Mateusz Kocielski\n\n- Fixed buffer overflow on overlog salt in crypt().\n\n- Fixed bug #54939 (File path injection vulnerability in RFC1867 File\nupload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)\n\n- Fixed stack-based buffer overflow in socket_connect(). (CVE-2011-1938)\n\n- Fixed bug #54238 (use-after-free in substr_replace()).\n(CVE-2011-1148)\"\n );\n # https://vuxml.freebsd.org/freebsd/057bf770-cac4-11e0-aea3-00215c6a37bb.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?236b579e\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:php5-sockets\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/18\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2011/08/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2011/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2011-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"php5<5.3.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"php5-sockets<5.3.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2018-01-02T10:58:04", "description": "Check for the Version of postgresql", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2012:0677 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2017-12-26T00:00:00", "id": "OPENVAS:881159", "href": "http://plugins.openvas.org/nasl.php?oid=881159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2012:0677 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n \n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n \n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\";\n\ntag_affected = \"postgresql on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-May/018647.html\");\n script_id(881159);\n script_version(\"$Revision: 8245 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-26 07:29:59 +0100 (Tue, 26 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:25:39 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0677\");\n script_name(\"CentOS Update for postgresql CESA-2012:0677 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:47", "description": "Oracle Linux Local Security Checks ELSA-2012-0677", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2012-0677", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123917", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123917", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2012-0677.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123917\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:10:16 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2012-0677\");\n script_tag(name:\"insight\", value:\"ELSA-2012-0677 - postgresql security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2012-0677\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2012-0677.html\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~4.el5_8\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:39:16", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-11-16T00:00:00", "id": "OPENVAS:1361412562310831559", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310831559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.mandriva.com/security-announce/2012-02/msg00038.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.831559\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12381 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-16 12:16:30 +0100 (Fri, 16 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:21:06 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_xref(name:\"MDVSA\", value:\"2012:027\");\n script_name(\"Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql8.3'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\", re:\"ssh/login/release=MNDK_mes5\");\n script_tag(name:\"affected\", value:\"postgresql8.3 on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities has been discovered and corrected in\n postgresql:\n\n Permissions on a function called by a trigger are not properly checked\n (CVE-2012-0866).\n\n Line breaks in object names can be exploited to execute arbitrary\n SQL when reloading a pg_dump file (CVE-2012-0868).\n\n This advisory provides the latest version of PostgreSQL that is not\n vulnerable to these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libecpg8.3_6\", rpm:\"libecpg8.3_6~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpq8.3_5\", rpm:\"libpq8.3_5~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3\", rpm:\"postgresql8.3~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-contrib\", rpm:\"postgresql8.3-contrib~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-devel\", rpm:\"postgresql8.3-devel~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-docs\", rpm:\"postgresql8.3-docs~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-pl\", rpm:\"postgresql8.3-pl~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-plperl\", rpm:\"postgresql8.3-plperl~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-plpgsql\", rpm:\"postgresql8.3-plpgsql~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-plpython\", rpm:\"postgresql8.3-plpython~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-pltcl\", rpm:\"postgresql8.3-pltcl~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-server\", rpm:\"postgresql8.3-server~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ecpg8.3_6\", rpm:\"lib64ecpg8.3_6~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pq8.3_5\", rpm:\"lib64pq8.3_5~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-11T11:07:05", "description": "Check for the Version of postgresql", "cvss3": {}, "published": "2012-05-22T00:00:00", "type": "openvas", "title": "RedHat Update for postgresql RHSA-2012:0677-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-01-09T00:00:00", "id": "OPENVAS:870594", "href": "http://plugins.openvas.org/nasl.php?oid=870594", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql RHSA-2012:0677-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n\n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\";\n\ntag_affected = \"postgresql on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2012-May/msg00012.html\");\n script_id(870594);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8336 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-09 08:01:48 +0100 (Tue, 09 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-22 10:10:08 +0530 (Tue, 22 May 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_xref(name: \"RHSA\", value: \"2012:0677-01\");\n script_name(\"RedHat Update for postgresql RHSA-2012:0677-01\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:37", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-05-22T00:00:00", "type": "openvas", "title": "RedHat Update for postgresql RHSA-2012:0677-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870594", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870594", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for postgresql RHSA-2012:0677-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2012-May/msg00012.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870594\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-05-22 10:10:08 +0530 (Tue, 22 May 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_xref(name:\"RHSA\", value:\"2012:0677-01\");\n script_name(\"RedHat Update for postgresql RHSA-2012:0677-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"postgresql on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n\n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-debuginfo\", rpm:\"postgresql-debuginfo~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~4.el5_8\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-02T10:57:40", "description": "Check for the Version of postgresql8.3", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2017-12-28T00:00:00", "id": "OPENVAS:831559", "href": "http://plugins.openvas.org/nasl.php?oid=831559", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in\n postgresql:\n\n Permissions on a function called by a trigger are not properly checked\n (CVE-2012-0866).\n\n Line breaks in object names can be exploited to execute arbitrary\n SQL when reloading a pg_dump file (CVE-2012-0868).\n\n This advisory provides the latest version of PostgreSQL that is not\n vulnerable to these issues.\";\n\ntag_affected = \"postgresql8.3 on Mandriva Enterprise Server 5,\n Mandriva Enterprise Server 5/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2012-02/msg00038.php\");\n script_id(831559);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 8253 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-28 07:29:51 +0100 (Thu, 28 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:21:06 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_xref(name: \"MDVSA\", value: \"2012:027\");\n script_name(\"Mandriva Update for postgresql8.3 MDVSA-2012:027 (postgresql8.3)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql8.3\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_mes5\")\n{\n\n if ((res = isrpmvuln(pkg:\"libecpg8.3_6\", rpm:\"libecpg8.3_6~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpq8.3_5\", rpm:\"libpq8.3_5~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3\", rpm:\"postgresql8.3~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-contrib\", rpm:\"postgresql8.3-contrib~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-devel\", rpm:\"postgresql8.3-devel~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-docs\", rpm:\"postgresql8.3-docs~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-pl\", rpm:\"postgresql8.3-pl~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-plperl\", rpm:\"postgresql8.3-plperl~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-plpgsql\", rpm:\"postgresql8.3-plpgsql~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-plpython\", rpm:\"postgresql8.3-plpython~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-pltcl\", rpm:\"postgresql8.3-pltcl~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.3-server\", rpm:\"postgresql8.3-server~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ecpg8.3_6\", rpm:\"lib64ecpg8.3_6~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pq8.3_5\", rpm:\"lib64pq8.3_5~8.3.18~0.1mdvmes5.2\", rls:\"MNDK_mes5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:39:22", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2012:0677 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0866", "CVE-2012-0868"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881159", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881159", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2012:0677 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-May/018647.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881159\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 16:25:39 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0677\");\n script_name(\"CentOS Update for postgresql CESA-2012:0677 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"postgresql on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n\n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which contain backported patches to correct these issues. If the postgresql\n service is running, it will be automatically restarted after installing\n this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pl\", rpm:\"postgresql-pl~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-python\", rpm:\"postgresql-python~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-tcl\", rpm:\"postgresql-tcl~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.1.23~4.el5_8\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-03T10:56:31", "description": "Check for the Version of postgresql", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2012:0678 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-01-03T00:00:00", "id": "OPENVAS:881063", "href": "http://plugins.openvas.org/nasl.php?oid=881063", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2012:0678 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n \n When configured to do SSL certificate verification, PostgreSQL only checked\n the first 31 characters of the certificate's Common Name field. Depending\n on the configuration, this could allow an attacker to impersonate a server\n or a client using a certificate from a trusted Certificate Authority issued\n for a different name. (CVE-2012-0867)\n \n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n \n These updated packages upgrade PostgreSQL to version 8.4.11, which fixes\n these issues as well as several data-corruption issues and lesser\n non-security issues. Refer to the PostgreSQL Release Notes for a full list\n of changes:\n \n <a rel= &qt nofollow &qt href= &qt http://www.postgresql.org/docs/8.4/static/release.html &qt >http://www.postgresql.org/docs/8.4/static/release.html</a>\n \n All PostgreSQL users are advised to upgrade to these updated packages,\n which correct these issues. If the postgresql service is running, it will\n be automatically restarted after installing this update.\";\n\ntag_affected = \"postgresql on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2012-May/018650.html\");\n script_id(881063);\n script_version(\"$Revision: 8273 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-03 07:29:19 +0100 (Wed, 03 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 15:59:28 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"CESA\", value: \"2012:0678\");\n script_name(\"CentOS Update for postgresql CESA-2012:0678 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-12-04T11:21:01", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-1378-1", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Ubuntu Update for postgresql-9.1 USN-1378-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:840921", "href": "http://plugins.openvas.org/nasl.php?oid=840921", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1378_1.nasl 7960 2017-12-01 06:58:16Z santu $\n#\n# Ubuntu Update for postgresql-9.1 USN-1378-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"It was discovered that PostgreSQL incorrectly checked permissions on\n functions called by a trigger. An attacker could attach a trigger to a\n table they owned and possibly escalate privileges. (CVE-2012-0866)\n\n It was discovered that PostgreSQL incorrectly truncated SSL certificate\n name checks to 32 characters. If a host name was exactly 32 characters,\n this issue could be exploited by an attacker to spoof the SSL certificate.\n This issue affected Ubuntu 10.04 LTS, Ubuntu 10.10, Ubuntu 11.04 and\n Ubuntu 11.10. (CVE-2012-0867)\n\n It was discovered that the PostgreSQL pg_dump utility incorrectly filtered\n line breaks in object names. An attacker could create object names that\n execute arbitrary SQL commands when a dump script is reloaded.\n (CVE-2012-0868)\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-1378-1\";\ntag_affected = \"postgresql-9.1 on Ubuntu 11.04 ,\n Ubuntu 10.10 ,\n Ubuntu 10.04 LTS ,\n Ubuntu 8.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1378-1/\");\n script_id(840921);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 7960 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:58:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:04 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_xref(name: \"USN\", value: \"1378-1\");\n script_name(\"Ubuntu Update for postgresql-9.1 USN-1378-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU10.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0ubuntu0.10.10\", rls:\"UBUNTU10.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0ubuntu0.10.04\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.4\", ver:\"8.4.11-0ubuntu0.11.04\", rls:\"UBUNTU11.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU8.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"postgresql-8.3\", ver:\"8.3.18-0ubuntu0.8.04\", rls:\"UBUNTU8.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-06T13:06:55", "description": "Check for the Version of postgresql", "cvss3": {}, "published": "2012-03-07T00:00:00", "type": "openvas", "title": "Mandriva Update for postgresql MDVSA-2012:026 (postgresql)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-01-04T00:00:00", "id": "OPENVAS:831557", "href": "http://plugins.openvas.org/nasl.php?oid=831557", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for postgresql MDVSA-2012:026 (postgresql)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities has been discovered and corrected in\n postgresql:\n\n Permissions on a function called by a trigger are not properly checked\n (CVE-2012-0866).\n\n SSL certificate name checks are truncated to 32 characters, allowing\n connection spoofing under some circumstances when using third party\n certificate authorities (CVE-2012-0867).\n\n Line breaks in object names can be exploited to execute arbitrary\n SQL when reloading a pg_dump file (CVE-2012-0868).\n\n This advisory provides the latest versions of PostgreSQL that is not\n vulnerable to these issues.\";\n\ntag_affected = \"postgresql on Mandriva Linux 2011.0,\n Mandriva Linux 2010.1\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://www.mandriva.com/en/support/security/advisories/?name=MDVSA-2012:026\");\n script_id(831557);\n script_version(\"$Revision: 8285 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-04 07:29:16 +0100 (Thu, 04 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-07 11:20:41 +0530 (Wed, 07 Mar 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"MDVSA\", value: \"2012:026\");\n script_name(\"Mandriva Update for postgresql MDVSA-2012:026 (postgresql)\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of postgresql\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\nif(release == \"MNDK_2011.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libecpg9.0_6\", rpm:\"libecpg9.0_6~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpq9.0_5\", rpm:\"libpq9.0_5~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0\", rpm:\"postgresql9.0~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-contrib\", rpm:\"postgresql9.0-contrib~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-devel\", rpm:\"postgresql9.0-devel~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-docs\", rpm:\"postgresql9.0-docs~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-pl\", rpm:\"postgresql9.0-pl~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-plperl\", rpm:\"postgresql9.0-plperl~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-plpgsql\", rpm:\"postgresql9.0-plpgsql~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-plpython\", rpm:\"postgresql9.0-plpython~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-pltcl\", rpm:\"postgresql9.0-pltcl~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql9.0-server\", rpm:\"postgresql9.0-server~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ecpg9.0_6\", rpm:\"lib64ecpg9.0_6~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pq9.0_5\", rpm:\"lib64pq9.0_5~9.0.7~0.1\", rls:\"MNDK_2011.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2010.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libecpg8.4_6\", rpm:\"libecpg8.4_6~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libpq8.4_5\", rpm:\"libpq8.4_5~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4\", rpm:\"postgresql8.4~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-contrib\", rpm:\"postgresql8.4-contrib~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-devel\", rpm:\"postgresql8.4-devel~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-docs\", rpm:\"postgresql8.4-docs~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-pl\", rpm:\"postgresql8.4-pl~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-plperl\", rpm:\"postgresql8.4-plperl~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-plpgsql\", rpm:\"postgresql8.4-plpgsql~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-plpython\", rpm:\"postgresql8.4-plpython~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-pltcl\", rpm:\"postgresql8.4-pltcl~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql8.4-server\", rpm:\"postgresql8.4-server~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64ecpg8.4_6\", rpm:\"lib64ecpg8.4_6~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64pq8.4_5\", rpm:\"lib64pq8.4_5~8.4.11~0.1mdv2010.2\", rls:\"MNDK_2010.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:54", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2012-07-30T00:00:00", "type": "openvas", "title": "CentOS Update for postgresql CESA-2012:0678 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881063", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881063", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for postgresql CESA-2012:0678 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2012 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.881063\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2012-07-30 15:59:28 +0530 (Mon, 30 Jul 2012)\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"CESA\", value:\"2012:0678\");\n script_name(\"CentOS Update for postgresql CESA-2012:0678 centos6\");\n\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2012-May/018650.html\");\n script_xref(name:\"URL\", value:\"http://www.postgresql.org/docs/8.4/static/release.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'postgresql'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"postgresql on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"PostgreSQL is an advanced object-relational database management system\n (DBMS).\n\n The pg_dump utility inserted object names literally into comments in the\n SQL script it produces. An unprivileged database user could create an\n object whose name includes a newline followed by an SQL command. This SQL\n command might then be executed by a privileged user during later restore of\n the backup dump, allowing privilege escalation. (CVE-2012-0868)\n\n When configured to do SSL certificate verification, PostgreSQL only checked\n the first 31 characters of the certificate's Common Name field. Depending\n on the configuration, this could allow an attacker to impersonate a server\n or a client using a certificate from a trusted Certificate Authority issued\n for a different name. (CVE-2012-0867)\n\n CREATE TRIGGER did not do a permissions check on the trigger function to\n be called. This could possibly allow an authenticated database user to\n call a privileged trigger function on data of their choosing.\n (CVE-2012-0866)\n\n These updated packages upgrade PostgreSQL to version 8.4.11, which fixes\n these issues as well as several data-corruption issues and lesser\n non-security issues. Refer to the linked PostgreSQL Release Notes for a full list\n of changes.\n\n All PostgreSQL users are advised to upgrade to these updated packages,\n which correct these issues. If the postgresql service is running, it will\n be automatically restarted after installing this update.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"postgresql\", rpm:\"postgresql~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-contrib\", rpm:\"postgresql-contrib~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-devel\", rpm:\"postgresql-devel~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-docs\", rpm:\"postgresql-docs~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-libs\", rpm:\"postgresql-libs~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plperl\", rpm:\"postgresql-plperl~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-plpython\", rpm:\"postgresql-plpython~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-pltcl\", rpm:\"postgresql-pltcl~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-server\", rpm:\"postgresql-server~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"postgresql-test\", rpm:\"postgresql-test~8.4.11~1.el6_2\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:48", "description": "The remote host is missing an update to the system\n as announced in the referenced advisory.", "cvss3": {}, "published": "2012-03-12T00:00:00", "type": "openvas", "title": "FreeBSD Ports: postgresql-client", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-0867", "CVE-2012-0866", "CVE-2012-0868"], "modified": "2018-10-05T00:00:00", "id": "OPENVAS:136141256231071164", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071164", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: freebsd_postgresql-client0.nasl 11762 2018-10-05 10:54:12Z cfischer $\n#\n# Auto generated from VID 174b8864-6237-11e1-be18-14dae938ec40\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71164\");\n script_cve_id(\"CVE-2012-0866\", \"CVE-2012-0867\", \"CVE-2012-0868\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 11762 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-05 12:54:12 +0200 (Fri, 05 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-03-12 11:35:07 -0400 (Mon, 12 Mar 2012)\");\n script_name(\"FreeBSD Ports: postgresql-client\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsd\", \"ssh/login/freebsdrel\");\n\n script_tag(name:\"insight\", value:\"The following package is affected: postgresql-client\");\n\n script_tag(name:\"solution\", value:\"Update your system with the appropriate patches or\n software upgrades.\");\n\n script_xref(name:\"URL\", value:\"http://www.postgresql.org/about/news/1377/\");\n script_xref(name:\"URL\", value:\"http://www.vuxml.org/freebsd/174b8864-6237-11e1-be18-14dae938ec40.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update to the system\n as announced in the referenced advisory.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-bsd.inc\");\n\nvuln = FALSE;\ntxt = \"\";\n\nbver = portver(pkg:\"postgresql-client\");\nif(!isnull(bver) && revcomp(a:bver, b:\"8.3.18\")<0) {\n txt += \"Package postgresql-client version \&qu