Description
Updates of the ntp, libxml2, python2, apache-tomcat, gnupg, redis, unzip, systemd, libxslt, glib, zeromq, and oniguruma packages of Photon OS have been released.
Affected Package
Related
{"id": "PHSA-2019-0024", "vendorId": null, "type": "photon", "bulletinFamily": "unix", "title": "Critical Photon OS Security Update - PHSA-2019-0024", "description": "Updates of ['ntp', 'libxml2', 'python2', 'apache-tomcat', 'gnupg', 'redis', 'unzip', 'systemd', 'libxslt', 'glib', 'zeromq', 'oniguruma'] packages of Photon OS have been released.\n", "published": "2019-07-31T00:00:00", "modified": "2019-07-31T00:00:00", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5}, "severity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}, "cvss3": {"cvssV3": {"version": "3.0", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.9}, "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-24", "reporter": "Photon", "references": [], "cvelist": ["CVE-2018-1000858", "CVE-2018-20852", "CVE-2018-9251", "CVE-2019-10072", "CVE-2019-10192", "CVE-2019-10193", "CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13132", "CVE-2019-13224", "CVE-2019-13232", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454", "CVE-2019-8936"], "immutableFields": [], "lastseen": "2022-05-12T18:50:57", "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "aix", "idList": 
["NTP_ADVISORY12.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:1605", "ALSA-2020:1787", "ALSA-2020:3662", "ALSA-2020:4490", "ALSA-2021:1586"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2019-13232"]}, {"type": "amazon", "idList": ["ALAS-2019-1206", "ALAS-2019-1283", "ALAS-2019-1295", "ALAS-2020-1375", "ALAS-2020-1415", "ALAS2-2019-1164", "ALAS2-2019-1288", "ALAS2-2020-1387", "ALAS2-2020-1432", "ALAS2-2020-1466", "ALAS2-2020-1550", "ALAS2-2021-1643"]}, {"type": "apple", "idList": ["APPLE:100C3E37B89C4B8E50DE097059456EC2", "APPLE:42A8665131AAD41DD01DD2DE9BBDEBC5", "APPLE:48DFAA81838B82F0614B9A03F99F251D", "APPLE:55E539B57FA02BA1EFE4552C738DD534", "APPLE:6A4EB1E45468948358E90A8ADD9F74CC", "APPLE:819AEF513AB880D6C4F6CA66CB3C0021", "APPLE:A7712CC62807C6255D0BD32EF8FBAD67", "APPLE:HT210346", "APPLE:HT210348", "APPLE:HT210351", "APPLE:HT210353", "APPLE:HT210356", "APPLE:HT210357", "APPLE:HT210358"]}, {"type": "archlinux", "idList": ["ASA-201810-3", "ASA-201810-4", "ASA-201902-24"]}, {"type": "centos", "idList": ["CESA-2019:0368", "CESA-2020:1131", "CESA-2020:1132", "CESA-2020:1181"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0245", "CPAI-2019-0908", "CPAI-2019-1669"]}, {"type": "cisa", "idList": ["CISA:519C5EFD37846AD34AA43099C8D86620"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:13BA697370B05DA79A1C88E29233A25D", "CFOUNDRY:5954DE1E741BB2E48E0E028078E0D210", "CFOUNDRY:5EA8EE4734BECA5E26F0C02B2E976F48", "CFOUNDRY:719A6ED27AEEE51AFE1A714D83BE8E73", "CFOUNDRY:A8173D294B6DEC22BA8E4286E26D99DE", "CFOUNDRY:D3931D51228BAFB9F271664EF7C0E3B6", "CFOUNDRY:EDF9B83EB83E197F691D5842752D4768", "CFOUNDRY:F06FFA2BD37C8D049603BACF49C5DBBE", "CFOUNDRY:F4A82A6B08C1BC8F71C40AB4FA993A57"]}, {"type": "cloudlinux", "idList": ["CLSA-2020:1605798462", "CLSA-2021:1632401716", "CLSA-2021:1633442879"]}, {"type": "cve", "idList": ["CVE-2018-1000858", "CVE-2018-14567", "CVE-2018-20852", "CVE-2018-9251", "CVE-2019-10072", "CVE-2019-10192", "CVE-2019-10193", 
"CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13132", "CVE-2019-13224", "CVE-2019-13232", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454", "CVE-2019-8936"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1524-1:818AD", "DEBIAN:DLA-1684-1:394E8", "DEBIAN:DLA-1684-1:C97A5", "DEBIAN:DLA-1846-1:839B7", "DEBIAN:DLA-1846-1:D030F", "DEBIAN:DLA-1846-2:4EAA9", "DEBIAN:DLA-1846-2:A08F3", "DEBIAN:DLA-1849-1:F1C41", "DEBIAN:DLA-1850-1:12B5C", "DEBIAN:DLA-1850-1:DB10C", "DEBIAN:DLA-1854-1:DE45B", "DEBIAN:DLA-1854-1:F6B60", "DEBIAN:DLA-1860-1:B68F6", "DEBIAN:DLA-1860-1:DBF7E", "DEBIAN:DLA-1866-1:415BC", "DEBIAN:DLA-1866-1:D1352", "DEBIAN:DLA-1866-2:4F7E9", "DEBIAN:DLA-1866-2:95124", "DEBIAN:DLA-1889-1:E4DD0", "DEBIAN:DLA-1906-1:2D8B3", "DEBIAN:DLA-2280-1:96280", "DEBIAN:DLA-2337-1:70801", "DEBIAN:DLA-2431-1:6BC5D", "DEBIAN:DLA-2431-1:BFD58", "DEBIAN:DSA-4393-1:1615F", "DEBIAN:DSA-4393-1:211D1", "DEBIAN:DSA-4477-1:5B2C0", "DEBIAN:DSA-4477-1:C1A86", "DEBIAN:DSA-4480-1:6E38A", "DEBIAN:DSA-4680-1:FCF2B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1000858", "DEBIANCVE:CVE-2018-14567", "DEBIANCVE:CVE-2018-20852", "DEBIANCVE:CVE-2018-9251", "DEBIANCVE:CVE-2019-10072", "DEBIANCVE:CVE-2019-10192", "DEBIANCVE:CVE-2019-10193", "DEBIANCVE:CVE-2019-13012", "DEBIANCVE:CVE-2019-13117", "DEBIANCVE:CVE-2019-13118", "DEBIANCVE:CVE-2019-13132", "DEBIANCVE:CVE-2019-13224", "DEBIANCVE:CVE-2019-13232", "DEBIANCVE:CVE-2019-3843", "DEBIANCVE:CVE-2019-3844", "DEBIANCVE:CVE-2019-6454", "DEBIANCVE:CVE-2019-8936"]}, {"type": "f5", "idList": ["F5:K00103182", "F5:K08654551", "F5:K17321505", "F5:K61363039", "F5:K76678525", "F5:K80311892", "F5:K96300145"]}, {"type": "fedora", "idList": ["FEDORA:0007D60EFF46", "FEDORA:118CD6075D9F", "FEDORA:28E0D60491B0", "FEDORA:2F0F460F096A", "FEDORA:31ACB604BB43", "FEDORA:46373604814A", "FEDORA:55212604E121", "FEDORA:55FE8604DFF9", "FEDORA:5A09262C7A37", "FEDORA:609CD6153F40", "FEDORA:61CEB60525CF", "FEDORA:724A1610682D", 
"FEDORA:735A760C4528", "FEDORA:862A060321A8", "FEDORA:86AA860779BB", "FEDORA:8887C6075F07", "FEDORA:8D0BB60525B8", "FEDORA:94363633518A", "FEDORA:951236162FD6", "FEDORA:9C66060323C0", "FEDORA:A2CF8605771B", "FEDORA:AFDBD60E76E0", "FEDORA:B6F06606E5A6", "FEDORA:B9C8D6075EE8", "FEDORA:D013361742CE", "FEDORA:DA47C616A923", "FEDORA:E0B4F6075B3D", "FEDORA:E277F6048D5E", "FEDORA:E66CE6076F5E", "FEDORA:E79FC60FA1C8", "FEDORA:E804C60D0D7B", "FEDORA:F378E608761A"]}, {"type": "freebsd", "idList": ["6954A2B0-BDA8-11EB-A04E-641C67A117D8", "A8D87C7A-D1B1-11E9-A616-0992A4564E7C", "C2576E14-36E2-11E9-9EDA-206A8A720317"]}, {"type": "gentoo", "idList": ["GLSA-201903-07", "GLSA-201903-15", "GLSA-201908-04", "GLSA-201908-17", "GLSA-201911-03", "GLSA-202003-26", "GLSA-202003-58"]}, {"type": "github", "idList": ["GHSA-Q4HG-RMQ2-52Q9"]}, {"type": "hackerone", "idList": ["H1:874427"]}, {"type": "ibm", "idList": ["21FAA8B3214081B02B5CB45D8150D70F352C2BC0EC67E463FBA7D35DF6B2614C", "2C79ED95B1DDF725C67F241D5C01546FA0476ABBA3CE0E75B8B5CD09C4F93D6C", "2FE97BC0DB8A3B1BCF85FF8F69828770D4396C7CC3ABD37202D8089D2CADF87B", "466AEBE8968668438F0AEC717CCC77A721355381F0B6FF40CAC26BC3B81A919D", "54FB6726805D886796865FF32608051BEE914B969DCB3300B1E662574A92A04E", "563493FD22148652FF23560027A58E6E850DEBAE12A2D160230BFF5C0D4C93E2", "5B8144ECBE66D3F42C6265F0D0218BCE7B8C4F532A8F158F78E777D2EAABB546", "5F64F57560BFC926CBF0B18BFB5BAECC3BB3859068F69B1F7B77FD5966857C7A", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96", "6736B0754DF51D862A1D7BF099B989B186FC01D8A01EF0A67D8C36D1207CD38F", "78AC5CEBB03152E4FB5912885D9F141F8A1DCC5E7D99EE5CEE22F6DA2639FCDB", "81D5F6F41E5617EDA7FF694BBE43496FC48B7577BB4C9C238127ECCCB1D40118", "8A242C548ADF3E615FE6BA32C7E6F5B2DB8B1FA250ABF2329DC20A0FB32D3700", "97D5F772EC68BDCD260FBB9DFB7A322AAAC657E9360305DF11F9C6A6A40D1B85", "A2E923A551C0F36BAC84848E053A3A93F2AC1141EB9D1739FE1D48A6684F5352", "A55D0DFA2F18D4384151EBFB9D93643CE9659FA87A9690125C9A72535F9F0428", 
"B236D3400A0C6106EC62C77931DC3654EEBAB6EEA563B3344ECFF477FD634E81", "BDFA432EA62E6EFDD1DA5F84B4EE926C27FCF1125443F9D0EC5005B0FEE74C89", "DEBC899D5E7F52BAC830D06EFF16A64417FA7A826DA06C927EAAEEF2964D3F82"]}, {"type": "kaspersky", "idList": ["KLA11526", "KLA11527", "KLA11571", "KLA11646"]}, {"type": "kitploit", "idList": ["KITPLOIT:7323577050718865961"]}, {"type": "mageia", "idList": ["MGASA-2019-0047", "MGASA-2019-0108", "MGASA-2019-0140", "MGASA-2019-0226", "MGASA-2019-0253", "MGASA-2019-0260", "MGASA-2019-0313", "MGASA-2019-0323", "MGASA-2020-0029", "MGASA-2021-0033"]}, {"type": "nessus", "idList": ["700697.PASL", "AL2_ALAS-2019-1164.NASL", "AL2_ALAS-2019-1288.NASL", "AL2_ALAS-2020-1387.NASL", "AL2_ALAS-2020-1432.NASL", "AL2_ALAS-2020-1466.NASL", "AL2_ALAS-2020-1550.NASL", "AL2_ALAS-2021-1643.NASL", "ALA_ALAS-2019-1206.NASL", "ALA_ALAS-2019-1283.NASL", "ALA_ALAS-2019-1295.NASL", "ALA_ALAS-2020-1375.NASL", "ALA_ALAS-2020-1415.NASL", "ALMA_LINUX_ALSA-2020-1787.NASL", "ALMA_LINUX_ALSA-2020-4490.NASL", "ALMA_LINUX_ALSA-2021-1586.NASL", "AMAZON_CORRETTO_8_242_07_1.NASL", "APPLETV_12_4.NASL", "APPLE_IOS_124_CHECK.NBIN", "CENTOS8_RHSA-2019-0990.NASL", "CENTOS8_RHSA-2020-1605.NASL", "CENTOS8_RHSA-2020-1764.NASL", "CENTOS8_RHSA-2020-1787.NASL", "CENTOS8_RHSA-2020-1794.NASL", "CENTOS8_RHSA-2020-1827.NASL", "CENTOS8_RHSA-2020-3662.NASL", "CENTOS8_RHSA-2020-4490.NASL", "CENTOS8_RHSA-2021-1586.NASL", "CENTOS_RHSA-2019-0368.NASL", "CENTOS_RHSA-2020-1131.NASL", "CENTOS_RHSA-2020-1132.NASL", "CENTOS_RHSA-2020-1181.NASL", "DEBIAN_DLA-1524.NASL", "DEBIAN_DLA-1684.NASL", "DEBIAN_DLA-1846.NASL", "DEBIAN_DLA-1849.NASL", "DEBIAN_DLA-1850.NASL", "DEBIAN_DLA-1854.NASL", "DEBIAN_DLA-1860.NASL", "DEBIAN_DLA-1866.NASL", "DEBIAN_DLA-1889.NASL", "DEBIAN_DLA-1906.NASL", "DEBIAN_DLA-2280.NASL", "DEBIAN_DLA-2337.NASL", "DEBIAN_DSA-4393.NASL", "DEBIAN_DSA-4477.NASL", "DEBIAN_DSA-4480.NASL", "DEBIAN_DSA-4680.NASL", "EULEROS_SA-2019-1107.NASL", "EULEROS_SA-2019-1128.NASL", 
"EULEROS_SA-2019-1153.NASL", "EULEROS_SA-2019-1196.NASL", "EULEROS_SA-2019-1256.NASL", "EULEROS_SA-2019-1356.NASL", "EULEROS_SA-2019-1412.NASL", "EULEROS_SA-2019-1661.NASL", "EULEROS_SA-2019-1769.NASL", "EULEROS_SA-2019-1818.NASL", "EULEROS_SA-2019-1860.NASL", "EULEROS_SA-2019-1878.NASL", "EULEROS_SA-2019-1880.NASL", "EULEROS_SA-2019-1894.NASL", "EULEROS_SA-2019-1913.NASL", "EULEROS_SA-2019-1927.NASL", "EULEROS_SA-2019-1929.NASL", "EULEROS_SA-2019-1938.NASL", "EULEROS_SA-2019-1949.NASL", "EULEROS_SA-2019-2010.NASL", "EULEROS_SA-2019-2032.NASL", "EULEROS_SA-2019-2077.NASL", "EULEROS_SA-2019-2086.NASL", "EULEROS_SA-2019-2094.NASL", "EULEROS_SA-2019-2114.NASL", "EULEROS_SA-2019-2115.NASL", "EULEROS_SA-2019-2211.NASL", "EULEROS_SA-2019-2225.NASL", "EULEROS_SA-2019-2259.NASL", "EULEROS_SA-2019-2319.NASL", "EULEROS_SA-2019-2349.NASL", "EULEROS_SA-2019-2442.NASL", "EULEROS_SA-2019-2491.NASL", "EULEROS_SA-2019-2519.NASL", "EULEROS_SA-2019-2626.NASL", "EULEROS_SA-2020-1017.NASL", "EULEROS_SA-2020-1044.NASL", "EULEROS_SA-2020-1048.NASL", "EULEROS_SA-2020-1050.NASL", "EULEROS_SA-2020-1137.NASL", "EULEROS_SA-2020-1153.NASL", "EULEROS_SA-2020-1184.NASL", "EULEROS_SA-2020-1212.NASL", "EULEROS_SA-2020-1268.NASL", "EULEROS_SA-2020-1358.NASL", "EULEROS_SA-2020-1387.NASL", "EULEROS_SA-2020-1439.NASL", "EULEROS_SA-2020-1442.NASL", "EULEROS_SA-2020-1456.NASL", "EULEROS_SA-2020-1457.NASL", "EULEROS_SA-2020-1462.NASL", "EULEROS_SA-2020-1654.NASL", "EULEROS_SA-2020-1671.NASL", "EULEROS_SA-2020-1791.NASL", "EULEROS_SA-2020-2067.NASL", "EULEROS_SA-2020-2384.NASL", "EULEROS_SA-2021-1633.NASL", "EULEROS_SA-2021-1668.NASL", "F5_BIGIP_SOL80311892.NASL", "FEDORA_2018-3B782350FF.NASL", "FEDORA_2018-E198CF4A64.NASL", "FEDORA_2019-0D3FCAE639.NASL", "FEDORA_2019-2DAB60E288.NASL", "FEDORA_2019-2F259A6C0A.NASL", "FEDORA_2019-3F3D0953DB.NASL", "FEDORA_2019-4D8F9A9235.NASL", "FEDORA_2019-5409BB5E68.NASL", "FEDORA_2019-7322053E74.NASL", "FEDORA_2019-74BA24605E.NASL", "FEDORA_2019-758824A3FF.NASL", 
"FEDORA_2019-75A8DA28F0.NASL", "FEDORA_2019-8434288A24.NASL", "FEDORA_2019-8916B4E890.NASL", "FEDORA_2019-B0C7F0D94A.NASL", "FEDORA_2019-D20CE4D5A1.NASL", "FEDORA_2019-E70C729D8A.NASL", "FEDORA_2019-FDF6EC39B4.NASL", "FREEBSD_PKG_6954A2B0BDA811EBA04E641C67A117D8.NASL", "FREEBSD_PKG_A8D87C7AD1B111E9A6160992A4564E7C.NASL", "FREEBSD_PKG_C2576E1436E211E99EDA206A8A720317.NASL", "GENTOO_GLSA-201903-07.NASL", "GENTOO_GLSA-201903-15.NASL", "GENTOO_GLSA-201908-04.NASL", "GENTOO_GLSA-201908-17.NASL", "GENTOO_GLSA-201911-03.NASL", "GENTOO_GLSA-202003-26.NASL", "GENTOO_GLSA-202003-58.NASL", "ICLOUD_10_6.NASL", "ITUNES_12_9_6.NASL", "ITUNES_12_9_6_BANNER.NASL", "JUNIPER_JSA10916.NASL", "JUNIPER_JSA11115.NASL", "JUNIPER_JSA11179.NASL", "MACOSX_SECUPD2019-004.NASL", "MACOS_10_14_6.NASL", "MYSQL_ENTERPRISE_MONITOR_8_0_18.NASL", "NEWSTART_CGSL_NS-SA-2019-0057_SYSTEMD.NASL", "NEWSTART_CGSL_NS-SA-2020-0030_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2020-0059_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2020-0060_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2020-0065_UNZIP.NASL", "NEWSTART_CGSL_NS-SA-2020-0089_PYTHON3.NASL", "NEWSTART_CGSL_NS-SA-2020-0091_LIBXML2.NASL", "NEWSTART_CGSL_NS-SA-2020-0094_PYTHON.NASL", "NEWSTART_CGSL_NS-SA-2020-0098_UNZIP.NASL", "NEWSTART_CGSL_NS-SA-2021-0076_GNUPG2.NASL", "NEWSTART_CGSL_NS-SA-2022-0053_GLIB2.NASL", "NTP_4_2_8P13.NASL", "OPENSUSE-2018-1149.NASL", "OPENSUSE-2018-1150.NASL", "OPENSUSE-2019-1143.NASL", "OPENSUSE-2019-1158.NASL", "OPENSUSE-2019-1450.NASL", "OPENSUSE-2019-1749.NASL", "OPENSUSE-2019-1767.NASL", "OPENSUSE-2019-1917.NASL", "OPENSUSE-2019-1988.NASL", "OPENSUSE-2019-1989.NASL", "OPENSUSE-2019-20.NASL", "OPENSUSE-2019-255.NASL", "OPENSUSE-2019-268.NASL", "OPENSUSE-2019-785.NASL", "OPENSUSE-2020-38.NASL", "OPENSUSE-2020-731.NASL", "OPENSUSE-2020-86.NASL", "ORACLELINUX_ELSA-2019-0368.NASL", "ORACLELINUX_ELSA-2019-0990.NASL", "ORACLELINUX_ELSA-2019-2002.NASL", "ORACLELINUX_ELSA-2020-3662.NASL", "ORACLELINUX_ELSA-2020-4490.NASL", 
"ORACLELINUX_ELSA-2020-5861.NASL", "ORACLELINUX_ELSA-2021-1586.NASL", "ORACLEVM_OVMSA-2020-0036.NASL", "ORACLE_JAVA_CPU_JAN_2020.NASL", "ORACLE_JAVA_CPU_JAN_2020_UNIX.NASL", "ORACLE_RDBMS_CPU_JAN_2020.NASL", "PHOTONOS_PHSA-2019-1_0-0237_GNUPG.NASL", "PHOTONOS_PHSA-2019-1_0-0244_APACHE.NASL", "PHOTONOS_PHSA-2019-1_0-0245_GLIB.NASL", "PHOTONOS_PHSA-2019-1_0-0245_ZEROMQ.NASL", "PHOTONOS_PHSA-2019-1_0-0246_GNUPG.NASL", "PHOTONOS_PHSA-2019-1_0-0246_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-1_0-0246_PYTHON2.NASL", "PHOTONOS_PHSA-2019-1_0-0246_PYTHON3.NASL", "PHOTONOS_PHSA-2019-1_0-0246_UNZIP.NASL", "PHOTONOS_PHSA-2019-1_0-0247_REDIS.NASL", "PHOTONOS_PHSA-2019-1_0-0249_REDIS.NASL", "PHOTONOS_PHSA-2019-2_0-0171_GLIB.NASL", "PHOTONOS_PHSA-2019-2_0-0171_GNUPG.NASL", "PHOTONOS_PHSA-2019-2_0-0171_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-2_0-0171_PYTHON2.NASL", "PHOTONOS_PHSA-2019-2_0-0171_PYTHON3.NASL", "PHOTONOS_PHSA-2019-2_0-0171_UNZIP.NASL", "PHOTONOS_PHSA-2019-2_0-0171_ZEROMQ.NASL", "PHOTONOS_PHSA-2019-2_0-0172_REDIS.NASL", "PHOTONOS_PHSA-2019-2_0-0173_REDIS.NASL", "PHOTONOS_PHSA-2019-3_0-0024_APACHE.NASL", "PHOTONOS_PHSA-2019-3_0-0024_GLIB.NASL", "PHOTONOS_PHSA-2019-3_0-0024_GNUPG.NASL", "PHOTONOS_PHSA-2019-3_0-0024_LIBXML2.NASL", "PHOTONOS_PHSA-2019-3_0-0024_LIBXSLT.NASL", "PHOTONOS_PHSA-2019-3_0-0024_NTP.NASL", "PHOTONOS_PHSA-2019-3_0-0024_ONIGURUMA.NASL", "PHOTONOS_PHSA-2019-3_0-0024_PYTHON2.NASL", "PHOTONOS_PHSA-2019-3_0-0024_REDIS.NASL", "PHOTONOS_PHSA-2019-3_0-0024_SYSTEMD.NASL", "PHOTONOS_PHSA-2019-3_0-0024_UNZIP.NASL", "PHOTONOS_PHSA-2019-3_0-0024_ZEROMQ.NASL", "PHP_7_3_9.NASL", "REDHAT-RHSA-2019-0368.NASL", "REDHAT-RHSA-2019-0457.NASL", "REDHAT-RHSA-2019-0461.NASL", "REDHAT-RHSA-2019-0990.NASL", "REDHAT-RHSA-2019-1322.NASL", "REDHAT-RHSA-2019-1502.NASL", "REDHAT-RHSA-2019-2002.NASL", "REDHAT-RHSA-2019-2805.NASL", "REDHAT-RHSA-2019-3929.NASL", "REDHAT-RHSA-2020-1131.NASL", "REDHAT-RHSA-2020-1132.NASL", "REDHAT-RHSA-2020-1181.NASL", "REDHAT-RHSA-2020-1605.NASL", 
"REDHAT-RHSA-2020-1764.NASL", "REDHAT-RHSA-2020-1787.NASL", "REDHAT-RHSA-2020-1794.NASL", "REDHAT-RHSA-2020-1827.NASL", "REDHAT-RHSA-2020-2486.NASL", "REDHAT-RHSA-2020-3662.NASL", "REDHAT-RHSA-2020-4490.NASL", "REDHAT-RHSA-2021-1586.NASL", "SLACKWARE_SSA_2019-067-01.NASL", "SL_20190221_SYSTEMD_ON_SL7_X.NASL", "SL_20200407_PYTHON3_ON_SL7_X.NASL", "SL_20200407_PYTHON_ON_SL7_X.NASL", "SL_20200407_UNZIP_ON_SL7_X.NASL", "SUSE_SU-2018-3080-1.NASL", "SUSE_SU-2018-3081-1.NASL", "SUSE_SU-2019-0023-1.NASL", "SUSE_SU-2019-0424-1.NASL", "SUSE_SU-2019-0425-1.NASL", "SUSE_SU-2019-0426-1.NASL", "SUSE_SU-2019-0428-1.NASL", "SUSE_SU-2019-0775-1.NASL", "SUSE_SU-2019-0777-1.NASL", "SUSE_SU-2019-0789-1.NASL", "SUSE_SU-2019-1265-1.NASL", "SUSE_SU-2019-1364-1.NASL", "SUSE_SU-2019-1364-2.NASL", "SUSE_SU-2019-13991-1.NASL", "SUSE_SU-2019-14117-1.NASL", "SUSE_SU-2019-14142-1.NASL", "SUSE_SU-2019-1776-1.NASL", "SUSE_SU-2019-1785-1.NASL", "SUSE_SU-2019-1824-1.NASL", "SUSE_SU-2019-1830-1.NASL", "SUSE_SU-2019-1830-2.NASL", "SUSE_SU-2019-1833-1.NASL", "SUSE_SU-2019-1867-1.NASL", "SUSE_SU-2019-2006-1.NASL", "SUSE_SU-2019-2050-1.NASL", "SUSE_SU-2019-2091-1.NASL", "SUSE_SU-2019-2114-1.NASL", "SUSE_SU-2019-2480-1.NASL", "SUSE_SU-2019-2798-1.NASL", "SUSE_SU-2020-0114-1.NASL", "SUSE_SU-2020-0234-1.NASL", "SUSE_SU-2020-0302-1.NASL", "SUSE_SU-2020-1409-1.NASL", "SUSE_SU-2020-2699-1.NASL", "TOMCAT_8_5_41.NASL", "TOMCAT_9_0_20.NASL", "UBUNTU_USN-3853-1.NASL", "UBUNTU_USN-3891-1.NASL", "UBUNTU_USN-4049-1.NASL", "UBUNTU_USN-4050-1.NASL", "UBUNTU_USN-4061-1.NASL", "UBUNTU_USN-4127-1.NASL", "UBUNTU_USN-4128-1.NASL", "UBUNTU_USN-4128-2.NASL", "UBUNTU_USN-4164-1.NASL", "UBUNTU_USN-4269-1.NASL", "UBUNTU_USN-4563-1.NASL", "UBUNTU_USN-4563-2.NASL", "UBUNTU_USN-4672-1.NASL", "UBUNTU_USN-5431-1.NASL", "WEB_APPLICATION_SCANNING_98625", "WEB_APPLICATION_SCANNING_98629", "WEB_APPLICATION_SCANNING_98682", "WEB_APPLICATION_SCANNING_98683", "WEB_APPLICATION_SCANNING_98684"]}, {"type": "openvas", "idList": 
["OPENVAS:1361412562310107013", "OPENVAS:1361412562310107014", "OPENVAS:1361412562310108633", "OPENVAS:1361412562310108634", "OPENVAS:1361412562310142627", "OPENVAS:1361412562310142811", "OPENVAS:1361412562310142812", "OPENVAS:1361412562310143027", "OPENVAS:1361412562310143028", "OPENVAS:1361412562310704393", "OPENVAS:1361412562310704477", "OPENVAS:1361412562310704480", "OPENVAS:1361412562310704680", "OPENVAS:1361412562310813437", "OPENVAS:1361412562310815261", "OPENVAS:1361412562310815262", "OPENVAS:1361412562310815263", "OPENVAS:1361412562310815425", "OPENVAS:1361412562310816600", "OPENVAS:1361412562310816604", "OPENVAS:1361412562310843866", "OPENVAS:1361412562310843910", "OPENVAS:1361412562310844081", "OPENVAS:1361412562310844083", "OPENVAS:1361412562310844095", "OPENVAS:1361412562310844168", "OPENVAS:1361412562310844170", "OPENVAS:1361412562310844181", "OPENVAS:1361412562310844207", "OPENVAS:1361412562310844328", "OPENVAS:1361412562310851931", "OPENVAS:1361412562310852042", "OPENVAS:1361412562310852232", "OPENVAS:1361412562310852324", "OPENVAS:1361412562310852325", "OPENVAS:1361412562310852390", "OPENVAS:1361412562310852406", "OPENVAS:1361412562310852518", "OPENVAS:1361412562310852617", "OPENVAS:1361412562310852625", "OPENVAS:1361412562310852663", "OPENVAS:1361412562310852677", "OPENVAS:1361412562310852905", "OPENVAS:1361412562310852980", "OPENVAS:1361412562310853008", "OPENVAS:1361412562310853184", "OPENVAS:1361412562310874903", "OPENVAS:1361412562310874921", "OPENVAS:1361412562310875425", "OPENVAS:1361412562310875502", "OPENVAS:1361412562310875556", "OPENVAS:1361412562310875924", "OPENVAS:1361412562310876042", "OPENVAS:1361412562310876261", "OPENVAS:1361412562310876588", "OPENVAS:1361412562310876622", "OPENVAS:1361412562310876625", "OPENVAS:1361412562310876640", "OPENVAS:1361412562310876755", "OPENVAS:1361412562310876816", "OPENVAS:1361412562310876872", "OPENVAS:1361412562310876879", "OPENVAS:1361412562310876971", "OPENVAS:1361412562310876973", 
"OPENVAS:1361412562310876975", "OPENVAS:1361412562310876978", "OPENVAS:1361412562310877026", "OPENVAS:1361412562310877028", "OPENVAS:1361412562310877069", "OPENVAS:1361412562310877114", "OPENVAS:1361412562310877174", "OPENVAS:1361412562310877297", "OPENVAS:1361412562310877303", "OPENVAS:1361412562310877491", "OPENVAS:1361412562310877596", "OPENVAS:1361412562310877633", "OPENVAS:1361412562310883009", "OPENVAS:1361412562310891524", "OPENVAS:1361412562310891684", "OPENVAS:1361412562310891846", "OPENVAS:1361412562310891849", "OPENVAS:1361412562310891850", "OPENVAS:1361412562310891854", "OPENVAS:1361412562310891860", "OPENVAS:1361412562310891866", "OPENVAS:1361412562310891889", "OPENVAS:1361412562310891906", "OPENVAS:1361412562310892280", "OPENVAS:1361412562311220191107", "OPENVAS:1361412562311220191128", "OPENVAS:1361412562311220191153", "OPENVAS:1361412562311220191196", "OPENVAS:1361412562311220191256", "OPENVAS:1361412562311220191356", "OPENVAS:1361412562311220191412", "OPENVAS:1361412562311220191661", "OPENVAS:1361412562311220191769", "OPENVAS:1361412562311220191860", "OPENVAS:1361412562311220191878", "OPENVAS:1361412562311220191894", "OPENVAS:1361412562311220191913", "OPENVAS:1361412562311220191927", "OPENVAS:1361412562311220191929", "OPENVAS:1361412562311220191938", "OPENVAS:1361412562311220191949", "OPENVAS:1361412562311220192032", "OPENVAS:1361412562311220192077", "OPENVAS:1361412562311220192086", "OPENVAS:1361412562311220192094", "OPENVAS:1361412562311220192114", "OPENVAS:1361412562311220192115", "OPENVAS:1361412562311220192211", "OPENVAS:1361412562311220192225", "OPENVAS:1361412562311220192259", "OPENVAS:1361412562311220192319", "OPENVAS:1361412562311220192349", "OPENVAS:1361412562311220192442", "OPENVAS:1361412562311220192491", "OPENVAS:1361412562311220192519", "OPENVAS:1361412562311220192626", "OPENVAS:1361412562311220201017", "OPENVAS:1361412562311220201044", "OPENVAS:1361412562311220201048", "OPENVAS:1361412562311220201050", 
"OPENVAS:1361412562311220201137", "OPENVAS:1361412562311220201153", "OPENVAS:1361412562311220201184", "OPENVAS:1361412562311220201212", "OPENVAS:1361412562311220201268", "OPENVAS:1361412562311220201358", "OPENVAS:1361412562311220201387", "OPENVAS:1361412562311220201439", "OPENVAS:1361412562311220201442", "OPENVAS:1361412562311220201456", "OPENVAS:1361412562311220201457", "OPENVAS:1361412562311220201462", "OPENVAS:1361412562311220201654", "OPENVAS:1361412562311220201671", "OPENVAS:1361412562311220201791"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2020", "ORACLE:CPUAPR2021", "ORACLE:CPUJAN2020", "ORACLE:CPUJUL2020", "ORACLE:CPUOCT2019", "ORACLE:CPUOCT2019-5072832", "ORACLE:CPUOCT2020"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-0368", "ELSA-2019-0990", "ELSA-2019-2002", "ELSA-2019-4876", "ELSA-2019-4877", "ELSA-2019-4884", "ELSA-2020-1131", "ELSA-2020-1132", "ELSA-2020-1181", "ELSA-2020-1605", "ELSA-2020-1764", "ELSA-2020-1787", "ELSA-2020-1794", "ELSA-2020-1827", "ELSA-2020-3662", "ELSA-2020-3911", "ELSA-2020-4490", "ELSA-2020-5861", "ELSA-2021-1586"]}, {"type": "osv", "idList": ["OSV:DLA-1524-1", "OSV:DLA-1684-1", "OSV:DLA-1846-1", "OSV:DLA-1849-1", "OSV:DLA-1850-1", "OSV:DLA-1854-1", "OSV:DLA-1860-1", "OSV:DLA-1866-1", "OSV:DLA-1866-2", "OSV:DLA-1889-1", "OSV:DLA-1906-1", "OSV:DLA-2280-1", "OSV:DLA-2337-1", "OSV:DLA-2431-1", "OSV:DLA-2431-2", "OSV:DSA-4393-1", "OSV:DSA-4477-1", "OSV:DSA-4480-1", "OSV:DSA-4527-1", "OSV:DSA-4529-1", "OSV:DSA-4680-1", "OSV:GHSA-Q4HG-RMQ2-52Q9"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:152635"]}, {"type": "photon", "idList": ["PHSA-2019-0149", "PHSA-2019-0171", "PHSA-2019-0172", "PHSA-2019-0173", "PHSA-2019-0237", "PHSA-2019-0244", "PHSA-2019-0245", "PHSA-2019-0246", "PHSA-2019-0247", "PHSA-2019-0248", "PHSA-2019-0249", "PHSA-2019-1.0-0237", "PHSA-2019-1.0-0244", "PHSA-2019-1.0-0245", "PHSA-2019-1.0-0246", "PHSA-2019-1.0-0247", "PHSA-2019-1.0-0248", "PHSA-2019-1.0-0249", "PHSA-2019-2.0-0171", "PHSA-2019-2.0-0172", 
"PHSA-2019-2.0-0173", "PHSA-2019-3.0-0024"]}, {"type": "redhat", "idList": ["RHSA-2019:0368", "RHSA-2019:0457", "RHSA-2019:0461", "RHSA-2019:0990", "RHSA-2019:1322", "RHSA-2019:1502", "RHSA-2019:1819", "RHSA-2019:1860", "RHSA-2019:2002", "RHSA-2019:2506", "RHSA-2019:2508", "RHSA-2019:2621", "RHSA-2019:2628", "RHSA-2019:2630", "RHSA-2019:2805", "RHSA-2019:3725", "RHSA-2019:3929", "RHSA-2019:3931", "RHSA-2019:3948", "RHSA-2020:1131", "RHSA-2020:1132", "RHSA-2020:1181", "RHSA-2020:1605", "RHSA-2020:1764", "RHSA-2020:1787", "RHSA-2020:1794", "RHSA-2020:1827", "RHSA-2020:2486", "RHSA-2020:3194", "RHSA-2020:3662", "RHSA-2020:4298", "RHSA-2020:4490", "RHSA-2020:5149", "RHSA-2020:5364", "RHSA-2020:5605", "RHSA-2020:5633", "RHSA-2020:5635", "RHSA-2021:0050", "RHSA-2021:0146", "RHSA-2021:0190", "RHSA-2021:0436", "RHSA-2021:0799", "RHSA-2021:1586", "RHSA-2021:2021", "RHSA-2021:2121", "RHSA-2021:2136", "RHSA-2021:2479", "RHSA-2021:2920", "RHSA-2021:3016", "RHSA-2021:3119", "RHSA-2022:0056", "RHSA-2022:5840", "RHSA-2022:5924"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1000858", "RH:CVE-2018-14567", "RH:CVE-2018-20852", "RH:CVE-2018-9251", "RH:CVE-2019-10072", "RH:CVE-2019-10192", "RH:CVE-2019-10193", "RH:CVE-2019-13012", "RH:CVE-2019-13050", "RH:CVE-2019-13117", "RH:CVE-2019-13118", "RH:CVE-2019-13132", "RH:CVE-2019-13224", "RH:CVE-2019-13232", "RH:CVE-2019-3843", "RH:CVE-2019-3844", "RH:CVE-2019-6454", "RH:CVE-2019-8936"]}, {"type": "rubygems", "idList": ["RUBY:NOKOGIRI-2019-13117"]}, {"type": "slackware", "idList": ["SSA-2019-067-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3107-1", "OPENSUSE-SU-2018:3110-1", "OPENSUSE-SU-2019:0020-1", "OPENSUSE-SU-2019:0255-1", "OPENSUSE-SU-2019:0268-1", "OPENSUSE-SU-2019:1143-1", "OPENSUSE-SU-2019:1158-1", "OPENSUSE-SU-2019:1450-1", "OPENSUSE-SU-2019:1749-1", "OPENSUSE-SU-2019:1767-1", "OPENSUSE-SU-2019:1917-1", "OPENSUSE-SU-2019:1988-1", "OPENSUSE-SU-2019:1989-1", "OPENSUSE-SU-2020:0038-1", "OPENSUSE-SU-2020:0086-1", 
"OPENSUSE-SU-2020:0731-1"]}, {"type": "symantec", "idList": ["SMNTC-108874", "SMNTC-109323", "SMNTC-111498", "SMNTC-1765"]}, {"type": "thn", "idList": ["THN:5483F752911D643A7A952FBFA7B4B7E4"]}, {"type": "threatpost", "idList": ["THREATPOST:20EAC8CBCC0B2A55B8195EB5B485B9D6"]}, {"type": "tomcat", "idList": ["TOMCAT:045D264F03959F4DF2D140C7A3C6A05B", "TOMCAT:D3D93576ACEA30F0105FC0FE43E2BF2B"]}, {"type": "ubuntu", "idList": ["USN-3853-1", "USN-3891-1", "USN-4049-1", "USN-4049-2", "USN-4050-1", "USN-4061-1", "USN-4088-1", "USN-4127-1", "USN-4127-2", "USN-4128-1", "USN-4128-2", "USN-4164-1", "USN-4269-1", "USN-4563-1", "USN-4563-2", "USN-4672-1", "USN-5431-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1000858", "UB:CVE-2018-14567", "UB:CVE-2018-20852", "UB:CVE-2018-9251", "UB:CVE-2019-10072", "UB:CVE-2019-10192", "UB:CVE-2019-10193", "UB:CVE-2019-13012", "UB:CVE-2019-13050", "UB:CVE-2019-13117", "UB:CVE-2019-13118", "UB:CVE-2019-13132", "UB:CVE-2019-13224", "UB:CVE-2019-13232", "UB:CVE-2019-3843", "UB:CVE-2019-3844", "UB:CVE-2019-6454", "UB:CVE-2019-8936"]}, {"type": "veracode", "idList": ["VERACODE:20916", "VERACODE:21918", "VERACODE:22876", "VERACODE:25098", "VERACODE:25110", "VERACODE:25111", "VERACODE:27519", "VERACODE:27819", "VERACODE:28262"]}, {"type": "zdi", "idList": ["ZDI-19-582"]}, {"type": "zdt", "idList": ["1337DAY-ID-32598"]}]}, "score": {"value": 1.6, "vector": "NONE"}, "backreferences": {"references": [{"type": "aix", "idList": ["NTP_ADVISORY12.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2020:1605", "ALSA-2020:1787", "ALSA-2020:3662", "ALSA-2020:4490", "ALSA-2021:1586"]}, {"type": "amazon", "idList": ["ALAS-2019-1206", "ALAS-2020-1375", "ALAS2-2019-1164", "ALAS2-2019-1288", "ALAS2-2020-1387", "ALAS2-2020-1432", "ALAS2-2020-1550", "ALAS2-2021-1643"]}, {"type": "apple", "idList": ["APPLE:100C3E37B89C4B8E50DE097059456EC2", "APPLE:42A8665131AAD41DD01DD2DE9BBDEBC5", "APPLE:48DFAA81838B82F0614B9A03F99F251D", "APPLE:55E539B57FA02BA1EFE4552C738DD534", 
"APPLE:6A4EB1E45468948358E90A8ADD9F74CC", "APPLE:819AEF513AB880D6C4F6CA66CB3C0021", "APPLE:A7712CC62807C6255D0BD32EF8FBAD67", "APPLE:HT210346", "APPLE:HT210348", "APPLE:HT210351", "APPLE:HT210353", "APPLE:HT210356", "APPLE:HT210357", "APPLE:HT210358"]}, {"type": "archlinux", "idList": ["ASA-201810-3", "ASA-201810-4", "ASA-201902-24"]}, {"type": "centos", "idList": ["CESA-2019:0368"]}, {"type": "checkpoint_advisories", "idList": ["CPAI-2019-0245", "CPAI-2019-0908", "CPAI-2019-1669"]}, {"type": "cisa", "idList": ["CISA:519C5EFD37846AD34AA43099C8D86620"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:719A6ED27AEEE51AFE1A714D83BE8E73", "CFOUNDRY:A8173D294B6DEC22BA8E4286E26D99DE", "CFOUNDRY:F4A82A6B08C1BC8F71C40AB4FA993A57"]}, {"type": "cloudlinux", "idList": ["CLSA-2021:1632401716"]}, {"type": "cve", "idList": ["CVE-2018-1000858", "CVE-2019-10072", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454", "CVE-2019-8936"]}, {"type": "debian", "idList": ["DEBIAN:DLA-1524-1:818AD", "DEBIAN:DLA-1684-1:394E8", "DEBIAN:DLA-1866-2:4F7E9", "DEBIAN:DLA-1889-1:E4DD0", "DEBIAN:DLA-1906-1:2D8B3", "DEBIAN:DSA-4393-1:211D1", "DEBIAN:DSA-4680-1:FCF2B"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2018-1000858", "DEBIANCVE:CVE-2018-9251", "DEBIANCVE:CVE-2019-13012", "DEBIANCVE:CVE-2019-13117", "DEBIANCVE:CVE-2019-13118", "DEBIANCVE:CVE-2019-13132", "DEBIANCVE:CVE-2019-13224"]}, {"type": "f5", "idList": ["F5:K00103182", "F5:K61363039"]}, {"type": "fedora", "idList": ["FEDORA:118CD6075D9F", "FEDORA:28E0D60491B0", "FEDORA:46373604814A", "FEDORA:94363633518A", "FEDORA:AFDBD60E76E0", "FEDORA:D013361742CE", "FEDORA:DA47C616A923", "FEDORA:E79FC60FA1C8"]}, {"type": "freebsd", "idList": ["6954A2B0-BDA8-11EB-A04E-641C67A117D8", "A8D87C7A-D1B1-11E9-A616-0992A4564E7C", "C2576E14-36E2-11E9-9EDA-206A8A720317"]}, {"type": "gentoo", "idList": ["GLSA-201903-07", "GLSA-201903-15", "GLSA-201908-04", "GLSA-201908-17", "GLSA-201911-03"]}, {"type": "github", "idList": ["GHSA-Q4HG-RMQ2-52Q9"]}, {"type": 
"hackerone", "idList": ["H1:874427"]}, {"type": "ibm", "idList": ["21FAA8B3214081B02B5CB45D8150D70F352C2BC0EC67E463FBA7D35DF6B2614C", "54FB6726805D886796865FF32608051BEE914B969DCB3300B1E662574A92A04E", "6549F7FB91216E6B5325DB660AF73FDF2D181F5FC1D3D96D412B600D6C349A96"]}, {"type": "kaspersky", "idList": ["KLA11526", "KLA11527", "KLA11571", "KLA11646"]}, {"type": "kitploit", "idList": ["KITPLOIT:7323577050718865961"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/DEBIAN-CVE-2019-10192/", "MSF:ILITIES/GENTOO-LINUX-CVE-2018-20852/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP2-CVE-2018-20852/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2018-20852/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2019-13117/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2018-20852/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-13117/", "MSF:ILITIES/HUAWEI-EULEROS-2_0_SP5-CVE-2019-13118/", "MSF:ILITIES/ORACLE-SOLARIS-CVE-2018-20852/", "MSF:ILITIES/REDHAT_LINUX-CVE-2018-20852/", "MSF:ILITIES/UBUNTU-CVE-2018-20852/", "MSF:ILITIES/UBUNTU-CVE-2019-10192/", "MSF:ILITIES/UBUNTU-CVE-2019-10193/"]}, {"type": "nessus", "idList": ["AL2_ALAS-2019-1164.NASL", "AL2_ALAS-2020-1387.NASL", "AL2_ALAS-2020-1432.NASL", "AL2_ALAS-2021-1643.NASL", "ALA_ALAS-2020-1375.NASL", "CENTOS8_RHSA-2021-1586.NASL", "CENTOS_RHSA-2019-0368.NASL", "DEBIAN_DLA-1684.NASL", "DEBIAN_DSA-4393.NASL", "DEBIAN_DSA-4680.NASL", "EULEROS_SA-2019-2114.NASL", "EULEROS_SA-2019-2115.NASL", "EULEROS_SA-2019-2225.NASL", "EULEROS_SA-2019-2259.NASL", "EULEROS_SA-2020-1017.NASL", "EULEROS_SA-2020-1044.NASL", "EULEROS_SA-2020-1048.NASL", "EULEROS_SA-2020-1050.NASL", "F5_BIGIP_SOL80311892.NASL", "FEDORA_2018-3B782350FF.NASL", "FEDORA_2018-E198CF4A64.NASL", "FEDORA_2019-0D3FCAE639.NASL", "FEDORA_2019-74BA24605E.NASL", "FEDORA_2019-758824A3FF.NASL", "FEDORA_2019-75A8DA28F0.NASL", "FEDORA_2019-8434288A24.NASL", "FEDORA_2019-E70C729D8A.NASL", "FREEBSD_PKG_6954A2B0BDA811EBA04E641C67A117D8.NASL", "GENTOO_GLSA-201911-03.NASL", "OPENSUSE-2018-1149.NASL", 
"OPENSUSE-2018-1150.NASL", "OPENSUSE-2019-20.NASL", "OPENSUSE-2020-38.NASL", "OPENSUSE-2020-731.NASL", "OPENSUSE-2020-86.NASL", "ORACLELINUX_ELSA-2019-0368.NASL", "ORACLELINUX_ELSA-2020-4490.NASL", "ORACLELINUX_ELSA-2021-1586.NASL", "ORACLE_JAVA_CPU_JAN_2020.NASL", "ORACLE_JAVA_CPU_JAN_2020_UNIX.NASL", "ORACLE_RDBMS_CPU_JAN_2020.NASL", "REDHAT-RHSA-2019-0368.NASL", "REDHAT-RHSA-2019-3929.NASL", "REDHAT-RHSA-2020-1605.NASL", "REDHAT-RHSA-2020-1764.NASL", "REDHAT-RHSA-2020-1794.NASL", "REDHAT-RHSA-2021-1586.NASL", "SL_20190221_SYSTEMD_ON_SL7_X.NASL", "SL_20200407_PYTHON3_ON_SL7_X.NASL", "SL_20200407_PYTHON_ON_SL7_X.NASL", "SL_20200407_UNZIP_ON_SL7_X.NASL", "SUSE_SU-2018-3080-1.NASL", "SUSE_SU-2018-3081-1.NASL", "SUSE_SU-2019-0023-1.NASL", "SUSE_SU-2019-0424-1.NASL", "SUSE_SU-2019-0425-1.NASL", "SUSE_SU-2019-0426-1.NASL", "SUSE_SU-2019-0428-1.NASL", "SUSE_SU-2019-14117-1.NASL", "SUSE_SU-2019-14142-1.NASL", "SUSE_SU-2020-0114-1.NASL", "UBUNTU_USN-3853-1.NASL", "UBUNTU_USN-3891-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310107013", "OPENVAS:1361412562310107014", "OPENVAS:1361412562310142811", "OPENVAS:1361412562310142812", "OPENVAS:1361412562310704393", "OPENVAS:1361412562310704680", "OPENVAS:1361412562310816600", "OPENVAS:1361412562310816604", "OPENVAS:1361412562310843866", "OPENVAS:1361412562310843910", "OPENVAS:1361412562310852232", "OPENVAS:1361412562310852324", "OPENVAS:1361412562310852325", "OPENVAS:1361412562310852390", "OPENVAS:1361412562310852406", "OPENVAS:1361412562310852518", "OPENVAS:1361412562310852663", "OPENVAS:1361412562310852677", "OPENVAS:1361412562310852905", "OPENVAS:1361412562310852980", "OPENVAS:1361412562310853184", "OPENVAS:1361412562310874903", "OPENVAS:1361412562310874921", "OPENVAS:1361412562310875425", "OPENVAS:1361412562310875502", "OPENVAS:1361412562310875924", "OPENVAS:1361412562310876042", "OPENVAS:1361412562310876261", "OPENVAS:1361412562310876622", "OPENVAS:1361412562310876625", "OPENVAS:1361412562310876640", 
"OPENVAS:1361412562310876971", "OPENVAS:1361412562310876973", "OPENVAS:1361412562310876975", "OPENVAS:1361412562310876978", "OPENVAS:1361412562310877114", "OPENVAS:1361412562310877174", "OPENVAS:1361412562310877297", "OPENVAS:1361412562310877303", "OPENVAS:1361412562310883009", "OPENVAS:1361412562310891684", "OPENVAS:1361412562310891889", "OPENVAS:1361412562310891906", "OPENVAS:1361412562311220191256", "OPENVAS:1361412562311220192115", "OPENVAS:1361412562311220192211", "OPENVAS:1361412562311220192349", "OPENVAS:1361412562311220201442"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2019-5072832"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-0368", "ELSA-2019-0990", "ELSA-2019-2002", "ELSA-2020-1764", "ELSA-2020-1787", "ELSA-2020-1794", "ELSA-2020-1827", "ELSA-2020-4490", "ELSA-2021-1586"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:152635"]}, {"type": "photon", "idList": ["PHSA-2019-1.0-0237", "PHSA-2019-1.0-0244", "PHSA-2019-1.0-0245", "PHSA-2019-1.0-0246", "PHSA-2019-1.0-0247", "PHSA-2019-2.0-0171", "PHSA-2019-2.0-0172", "PHSA-2019-2.0-0173", "PHSA-2019-3.0-0024"]}, {"type": "redhat", "idList": ["RHSA-2019:0457", "RHSA-2019:1322", "RHSA-2021:2021"]}, {"type": "redhatcve", "idList": ["RH:CVE-2018-1000858", "RH:CVE-2019-10072", "RH:CVE-2019-13012", "RH:CVE-2019-13117", "RH:CVE-2019-13118", "RH:CVE-2019-13132", "RH:CVE-2019-13232", "RH:CVE-2019-3843", "RH:CVE-2019-3844", "RH:CVE-2019-8936"]}, {"type": "slackware", "idList": ["SSA-2019-067-01"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2018:3107-1", "OPENSUSE-SU-2018:3110-1", "OPENSUSE-SU-2019:0020-1", "OPENSUSE-SU-2019:0255-1", "OPENSUSE-SU-2019:0268-1", "OPENSUSE-SU-2019:1143-1", "OPENSUSE-SU-2019:1158-1", "OPENSUSE-SU-2019:1450-1", "OPENSUSE-SU-2019:1917-1", "OPENSUSE-SU-2019:1988-1", "OPENSUSE-SU-2019:1989-1", "OPENSUSE-SU-2020:0038-1", "OPENSUSE-SU-2020:0086-1", "OPENSUSE-SU-2020:0731-1"]}, {"type": "symantec", "idList": ["SMNTC-1765"]}, {"type": "thn", "idList": 
["THN:5483F752911D643A7A952FBFA7B4B7E4"]}, {"type": "threatpost", "idList": ["THREATPOST:20EAC8CBCC0B2A55B8195EB5B485B9D6"]}, {"type": "tomcat", "idList": ["TOMCAT:D3D93576ACEA30F0105FC0FE43E2BF2B"]}, {"type": "ubuntu", "idList": ["USN-3853-1", "USN-3891-1", "USN-4088-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2018-1000858", "UB:CVE-2018-20852", "UB:CVE-2019-10072", "UB:CVE-2019-10192", "UB:CVE-2019-10193", "UB:CVE-2019-13012", "UB:CVE-2019-13050", "UB:CVE-2019-13117", "UB:CVE-2019-13118", "UB:CVE-2019-13132", "UB:CVE-2019-13224", "UB:CVE-2019-13232", "UB:CVE-2019-3843", "UB:CVE-2019-3844", "UB:CVE-2019-6454", "UB:CVE-2019-8936"]}, {"type": "zdi", "idList": ["ZDI-19-582"]}, {"type": "zdt", "idList": ["1337DAY-ID-32598"]}]}, "exploitation": null, "vulnersScore": 1.6}, "_state": {"dependencies": 1660004461, "score": 1659988869}, "_internal": {"score_hash": "4b42755fa9de8d6c12f40a77145795f0"}, "affectedPackage": [{"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.3-2.ph3", "packageFilename": "zeromq-debuginfo-4.2.3-2.ph3.x86_64.rpm", "operator": "lt", "packageName": "zeromq-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.3-2.ph3", "packageFilename": "zeromq-4.2.3-2.ph3.x86_64.rpm", "operator": "lt", "packageName": "zeromq"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.58.0-4.ph3", "packageFilename": "glib-debuginfo-2.58.0-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "glib-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "1.1.32-4.ph3", "packageFilename": "libxslt-devel-1.1.32-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxslt-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.7.15-9.ph3", "packageFilename": "python2-debuginfo-2.7.15-9.ph3.x86_64.rpm", "operator": "lt", "packageName": "python2-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": 
"2.58.0-4.ph3", "packageFilename": "glib-schemas-2.58.0-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "glib-schemas"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.8p13-1.ph3", "packageFilename": "ntp-debuginfo-4.2.8p13-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "ntp-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "5.0.5-1.ph3", "packageFilename": "redis-5.0.5-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "redis"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "239-12.ph3", "packageFilename": "systemd-lang-239-12.ph3.x86_64.rpm", "operator": "lt", "packageName": "systemd-lang"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.9.9-1.ph3", "packageFilename": "libxml2-python-2.9.9-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxml2-python"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.9.9-1.ph3", "packageFilename": "libxml2-2.9.9-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxml2"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "239-12.ph3", "packageFilename": "systemd-devel-239-12.ph3.x86_64.rpm", "operator": "lt", "packageName": "systemd-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.8p13-1.ph3", "packageFilename": "ntpstat-4.2.8p13-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "ntpstat"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "6.9.0-2.ph3", "packageFilename": "oniguruma-debuginfo-6.9.0-2.ph3.x86_64.rpm", "operator": "lt", "packageName": "oniguruma-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.7.15-9.ph3", "packageFilename": "python2-2.7.15-9.ph3.x86_64.rpm", "operator": "lt", "packageName": "python2"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "6.9.0-2.ph3", "packageFilename": 
"oniguruma-6.9.0-2.ph3.x86_64.rpm", "operator": "lt", "packageName": "oniguruma"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.58.0-4.ph3", "packageFilename": "glib-2.58.0-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "glib"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "noarch", "packageVersion": "8.5.40-2.ph3", "packageFilename": "apache-tomcat-8.5.40-2.ph3.noarch.rpm", "operator": "lt", "packageName": "apache-tomcat"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.7.15-9.ph3", "packageFilename": "python2-libs-2.7.15-9.ph3.x86_64.rpm", "operator": "lt", "packageName": "python2-libs"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.58.0-4.ph3", "packageFilename": "glib-devel-2.58.0-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "glib-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.7.15-9.ph3", "packageFilename": "python2-devel-2.7.15-9.ph3.x86_64.rpm", "operator": "lt", "packageName": "python2-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.9.9-1.ph3", "packageFilename": "libxml2-devel-2.9.9-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxml2-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "1.1.32-4.ph3", "packageFilename": "libxslt-debuginfo-1.1.32-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxslt-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "6.0-13.ph3", "packageFilename": "unzip-debuginfo-6.0-13.ph3.x86_64.rpm", "operator": "lt", "packageName": "unzip-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.8p13-1.ph3", "packageFilename": "ntp-perl-4.2.8p13-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "ntp-perl"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "239-12.ph3", "packageFilename": "systemd-239-12.ph3.x86_64.rpm", 
"operator": "lt", "packageName": "systemd"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "239-12.ph3", "packageFilename": "systemd-debuginfo-239-12.ph3.x86_64.rpm", "operator": "lt", "packageName": "systemd-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "5.0.5-1.ph3", "packageFilename": "redis-debuginfo-5.0.5-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "redis-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.7.15-9.ph3", "packageFilename": "python2-tools-2.7.15-9.ph3.x86_64.rpm", "operator": "lt", "packageName": "python2-tools"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.7.15-9.ph3", "packageFilename": "python2-test-2.7.15-9.ph3.x86_64.rpm", "operator": "lt", "packageName": "python2-test"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.9.9-1.ph3", "packageFilename": "libxml2-debuginfo-2.9.9-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxml2-debuginfo"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "6.0-13.ph3", "packageFilename": "unzip-6.0-13.ph3.x86_64.rpm", "operator": "lt", "packageName": "unzip"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "1.1.32-4.ph3", "packageFilename": "libxslt-1.1.32-4.ph3.x86_64.rpm", "operator": "lt", "packageName": "libxslt"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.3-2.ph3", "packageFilename": "zeromq-devel-4.2.3-2.ph3.x86_64.rpm", "operator": "lt", "packageName": "zeromq-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "4.2.8p13-1.ph3", "packageFilename": "ntp-4.2.8p13-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "ntp"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "6.9.0-2.ph3", "packageFilename": "oniguruma-devel-6.9.0-2.ph3.x86_64.rpm", "operator": "lt", "packageName": 
"oniguruma-devel"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.2.17-1.ph3", "packageFilename": "gnupg-2.2.17-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "gnupg"}, {"OS": "Photon", "OSVersion": "3.0", "arch": "x86_64", "packageVersion": "2.2.17-1.ph3", "packageFilename": "gnupg-debuginfo-2.2.17-1.ph3.x86_64.rpm", "operator": "lt", "packageName": "gnupg-debuginfo"}], "vendorCvss": {"severity": "critical"}}
{"photon": [{"lastseen": "2021-11-03T11:59:36", "description": "An update of {'python2', 'glib', 'libxml2', 'apache-tomcat', 'zeromq', 'libxslt', 'unzip', 'redis', 'oniguruma', 'gnupg', 'systemd', 'ntp'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-31T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-3.0-0024", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-1000858", "CVE-2018-20852", "CVE-2018-9251", "CVE-2019-10072", "CVE-2019-10192", "CVE-2019-10193", "CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13132", "CVE-2019-13224", "CVE-2019-13232", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454", "CVE-2019-8936"], "modified": "2019-07-31T00:00:00", "id": "PHSA-2019-3.0-0024", "href": "https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-13T00:40:20", "description": "Updates of ['glib', 'expat', 
'oniguruma', 'libpng', 'python3', 'zeromq', 'python2', 'apache-tomcat', 'curl', 'systemd', 'unzip', 'gnupg', 'libxslt', 'libssh2'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-08-02T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0171", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12652", "CVE-2018-16890", "CVE-2018-20843", "CVE-2018-20852", "CVE-2019-10072", "CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13115", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13132", "CVE-2019-13224", "CVE-2019-13232", "CVE-2019-6454"], "modified": "2019-08-02T00:00:00", "id": "PHSA-2019-0171", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-171", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-11-03T08:50:02", "description": "An update of {'python3', 'gnupg', 'unzip', 'libxslt', 'libpng', 'python2'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": 
"LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-26T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0246", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12652", "CVE-2018-20852", "CVE-2019-13050", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13232"], "modified": "2019-07-26T00:00:00", "id": "PHSA-2019-1.0-0246", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-246", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-13T00:23:24", "description": "Updates of ['python3', 'unzip', 'python2', 'libxslt', 'libpng', 'gnupg'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-26T00:00:00", "type": "photon", "title": "Critical 
Photon OS Security Update - PHSA-2019-0246", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12652", "CVE-2018-20852", "CVE-2019-13050", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13232"], "modified": "2019-07-26T00:00:00", "id": "PHSA-2019-0246", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-246", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-03T21:00:03", "description": "An update of {'glib', 'libxslt', 'libpng', 'python2', 'zeromq', 'expat', 'unzip', 'gnupg', 'python3', 'curl'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-08-02T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0171", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", 
"integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2017-12652", "CVE-2018-16890", "CVE-2018-20843", "CVE-2018-20852", "CVE-2019-13012", "CVE-2019-13050", "CVE-2019-13117", "CVE-2019-13118", "CVE-2019-13132", "CVE-2019-13232"], "modified": "2019-08-02T00:00:00", "id": "PHSA-2019-2.0-0171", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-171", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2021-11-03T17:50:02", "description": "An update of {'zeromq', 'glib'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0245", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13012", "CVE-2019-13132"], "modified": "2019-07-24T00:00:00", "id": 
"PHSA-2019-1.0-0245", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-245", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-12T18:03:38", "description": "Updates of ['glib', 'linux', 'linux-esx', 'zeromq'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-24T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0245", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13012", "CVE-2019-13132", "CVE-2019-13272", "CVE-2019-15807"], "modified": "2019-07-24T00:00:00", "id": "PHSA-2019-0245", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-245", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-10-16T00:26:33", "description": "An update of the systemd package has been released.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Systemd PHSA-2019-3.0-0024", "bulletinFamily": "scanner", 
"cvss2": {}, "cvelist": ["CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454"], "modified": "2019-09-24T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:systemd", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_SYSTEMD.NASL", "href": "https://www.tenable.com/plugins/nessus/128160", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128160);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/09/24 11:01:33\");\n\n script_cve_id(\"CVE-2019-3843\", \"CVE-2019-3844\", \"CVE-2019-6454\");\n script_bugtraq_id(107081);\n\n script_name(english:\"Photon OS 3.0: Systemd PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the systemd package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3844\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", 
value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"systemd-239-12.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"systemd-debuginfo-239-12.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"systemd-devel-239-12.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"systemd-lang-239-12.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : 
SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:39:23", "description": "This update for systemd fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348).\n\nCVE-2019-6454: Fixed a denial of service via crafted D-Bus message (bsc#1125352).\n\nCVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509).\n\nNon-security issued fixed: logind: fix killing of scopes (bsc#1125604)\n\nnamespace: make MountFlags=shared work again (bsc#1124122)\n\nrules: load drivers only on 'add' events (bsc#1126056)\n\nsysctl: Don't pass null directive argument to '%s' (bsc#1121563)\n\nsystemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933)\n\nudevd: notify when max number value of children is reached only once per batch of events (bsc#1132400)\n\nsd-bus: bump message queue size again (bsc#1132721)\n\nDo not automatically online memory on s390x (bsc#1127557)\n\nRemoved sg.conf (bsc#1036463)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-16T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3842", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsystemd0", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-mini", "p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:suse_linux:libudev-devel", "p-cpe:/a:novell:suse_linux:libudev-devel-32bit", "p-cpe:/a:novell:suse_linux:libudev-mini-devel", "p-cpe:/a:novell:suse_linux:libudev-mini1", "p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1", "p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:nss-myhostname", "p-cpe:/a:novell:suse_linux:nss-myhostname-32bit", "p-cpe:/a:novell:suse_linux:nss-myhostname-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo", "p-cpe:/a:novell:suse_linux:nss-mymachines", "p-cpe:/a:novell:suse_linux:nss-mymachines-32bit", "p-cpe:/a:novell:suse_linux:nss-mymachines-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo", "p-cpe:/a:novell:suse_linux:nss-systemd", "p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-container", "p-cpe:/a:novell:suse_linux:systemd-container-debuginfo", 
"p-cpe:/a:novell:suse_linux:systemd-coredump", "p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:systemd-devel", "p-cpe:/a:novell:suse_linux:systemd-logger", "p-cpe:/a:novell:suse_linux:systemd-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debugsource", "p-cpe:/a:novell:suse_linux:systemd-mini-devel", "p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "p-cpe:/a:novell:suse_linux:udev-mini", "p-cpe:/a:novell:suse_linux:udev-mini-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1364-2.NASL", "href": "https://www.tenable.com/plugins/nessus/126736", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1364-2.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126736);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-3842\", \"CVE-2019-3843\", \"CVE-2019-3844\", \"CVE-2019-6454\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-2)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n 
value:\n\"This update for systemd fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3842: Fixed a privilege escalation in pam_systemd which could\nbe exploited by a local user (bsc#1132348).\n\nCVE-2019-6454: Fixed a denial of service via crafted D-Bus message\n(bsc#1125352).\n\nCVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where\nservices with DynamicUser could gain new privileges or create\nSUID/SGID binaries (bsc#1133506, bsc#1133509).\n\nNon-security issued fixed: logind: fix killing of scopes (bsc#1125604)\n\nnamespace: make MountFlags=shared work again (bsc#1124122)\n\nrules: load drivers only on 'add' events (bsc#1126056)\n\nsysctl: Don't pass null directive argument to '%s' (bsc#1121563)\n\nsystemd-coredump: generate a stack trace of all core dumps and log\ninto the journal (jsc#SLE-5933)\n\nudevd: notify when max number value of children is reached only once\nper batch of events (bsc#1132400)\n\nsd-bus: bump message queue size again (bsc#1132721)\n\nDo not automatically online memory on s390x (bsc#1127557)\n\nRemoved sg.conf (bsc#1036463)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1036463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3842/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3843/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3844/\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6454/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191364-2/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?592f8ecd\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1364=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-1364=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3844\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libudev-devel-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", 
sp:\"1\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libsystemd0-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libsystemd0-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libsystemd0-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libsystemd0-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libudev-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libudev-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libudev-mini1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libudev-mini1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libudev1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libudev1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nss-myhostname-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nss-myhostname-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nss-mymachines-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nss-mymachines-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nss-systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"nss-systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-container-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-container-debuginfo-234-24.30.1\")) flag++;\nif 
(rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-coredump-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-coredump-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-logger-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-container-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-container-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-coredump-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-mini-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"systemd-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"udev-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"udev-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"udev-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", 
reference:\"udev-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libudev-devel-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-myhostname-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"nss-mymachines-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libsystemd0-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libsystemd0-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libsystemd0-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libsystemd0-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libudev-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libudev-mini-devel-234-24.30.1\")) flag++;\nif 
(rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libudev-mini1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libudev-mini1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libudev1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libudev1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"nss-myhostname-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"nss-myhostname-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"nss-mymachines-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"nss-mymachines-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"nss-systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"nss-systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-container-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-container-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-coredump-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-coredump-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-logger-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-234-24.30.1\")) flag++;\nif 
(rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-container-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-container-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-coredump-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-mini-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"systemd-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"udev-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"udev-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"udev-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"udev-mini-debuginfo-234-24.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:49:52", "description": "This update for systemd fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3842: Fixed a privilege escalation in pam_systemd which could be exploited by a local user (bsc#1132348).\n\nCVE-2019-6454: Fixed a denial of service via 
crafted D-Bus message (bsc#1125352).\n\nCVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where services with DynamicUser could gain new privileges or create SUID/SGID binaries (bsc#1133506, bsc#1133509).\n\nNon-security issues fixed: logind: fix killing of scopes (bsc#1125604)\n\nnamespace: make MountFlags=shared work again (bsc#1124122)\n\nrules: load drivers only on 'add' events (bsc#1126056)\n\nsysctl: Don't pass null directive argument to '%s' (bsc#1121563)\n\nsystemd-coredump: generate a stack trace of all core dumps and log into the journal (jsc#SLE-5933)\n\nudevd: notify when max number value of children is reached only once per batch of events (bsc#1132400)\n\nsd-bus: bump message queue size again (bsc#1132721)\n\nDo not automatically online memory on s390x (bsc#1127557)\n\nRemoved sg.conf (bsc#1036463)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-05-29T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3842", "CVE-2019-3843", "CVE-2019-3844", "CVE-2019-6454"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libsystemd0", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit", "p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo", "p-cpe:/a:novell:suse_linux:libsystemd0-mini", "p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo", "p-cpe:/a:novell:suse_linux:libudev-devel", "p-cpe:/a:novell:suse_linux:libudev-mini-devel", "p-cpe:/a:novell:suse_linux:libudev-mini1", "p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1", 
"p-cpe:/a:novell:suse_linux:libudev1-32bit", "p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libudev1-debuginfo", "p-cpe:/a:novell:suse_linux:nss-myhostname", "p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo", "p-cpe:/a:novell:suse_linux:nss-mymachines", "p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo", "p-cpe:/a:novell:suse_linux:nss-systemd", "p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd", "p-cpe:/a:novell:suse_linux:systemd-32bit", "p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-container", "p-cpe:/a:novell:suse_linux:systemd-container-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-coredump", "p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-debugsource", "p-cpe:/a:novell:suse_linux:systemd-devel", "p-cpe:/a:novell:suse_linux:systemd-logger", "p-cpe:/a:novell:suse_linux:systemd-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini", "p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo", "p-cpe:/a:novell:suse_linux:systemd-mini-debugsource", "p-cpe:/a:novell:suse_linux:systemd-mini-devel", "p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit", "p-cpe:/a:novell:suse_linux:systemd-sysvinit", "p-cpe:/a:novell:suse_linux:udev", "p-cpe:/a:novell:suse_linux:udev-debuginfo", "p-cpe:/a:novell:suse_linux:udev-mini", "p-cpe:/a:novell:suse_linux:udev-mini-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1364-1.NASL", "href": "https://www.tenable.com/plugins/nessus/125537", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory 
SUSE-SU-2019:1364-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125537);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-3842\", \"CVE-2019-3843\", \"CVE-2019-3844\", \"CVE-2019-6454\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : systemd (SUSE-SU-2019:1364-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for systemd fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-3842: Fixed a privilege escalation in pam_systemd which could\nbe exploited by a local user (bsc#1132348).\n\nCVE-2019-6454: Fixed a denial of service via crafted D-Bus message\n(bsc#1125352).\n\nCVE-2019-3843, CVE-2019-3844: Fixed a privilege escalation where\nservices with DynamicUser could gain new privileges or create\nSUID/SGID binaries (bsc#1133506, bsc#1133509).\n\nNon-security issued fixed: logind: fix killing of scopes (bsc#1125604)\n\nnamespace: make MountFlags=shared work again (bsc#1124122)\n\nrules: load drivers only on 'add' events (bsc#1126056)\n\nsysctl: Don't pass null directive argument to '%s' (bsc#1121563)\n\nsystemd-coredump: generate a stack trace of all core dumps and log\ninto the journal (jsc#SLE-5933)\n\nudevd: notify when max number value of children is reached only once\nper batch of events (bsc#1132400)\n\nsd-bus: bump message queue size again (bsc#1132721)\n\nDo not automatically online memory on s390x (bsc#1127557)\n\nRemoved sg.conf (bsc#1036463)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1036463\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1121563\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1124122\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125352\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125604\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1126056\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1127557\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1130230\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132348\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132400\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1132721\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1133509\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3842/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3843/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-3844/\"\n );\n 
script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-6454/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191364-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d71e703\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-1364=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-1364=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3844\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:libsystemd0-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev-mini1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libudev1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-myhostname-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-mymachines-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:nss-systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-container-debuginfo\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:novell:suse_linux:systemd-coredump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-coredump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-logger\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-container-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-coredump-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-mini-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:systemd-sysvinit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:udev-mini-debuginfo\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/21\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libsystemd0-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev-mini1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libudev1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-myhostname-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-myhostname-debuginfo-234-24.30.1\")) 
flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-mymachines-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-mymachines-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"nss-systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-container-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-container-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-coredump-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-coredump-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-logger-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-container-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-container-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", 
reference:\"systemd-mini-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-mini-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"systemd-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"udev-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libsystemd0-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"libudev1-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", cpu:\"x86_64\", reference:\"systemd-32bit-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libsystemd0-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", 
reference:\"libudev-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev-mini1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev1-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libudev1-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-myhostname-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-myhostname-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-mymachines-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-mymachines-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"nss-systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-container-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-container-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-coredump-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-coredump-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-logger-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", 
reference:\"systemd-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-container-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-container-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-coredump-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-debugsource-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-devel-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-mini-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"systemd-sysvinit-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-debuginfo-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-mini-234-24.30.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"udev-mini-debuginfo-234-24.30.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:04:15", "description": "From Red Hat Security Advisory 2019:2002 :\n\nAn update for the redis:5 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security 
impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRedis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es) :\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)\n\n* redis: Stack buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : redis:5 (ELSA-2019-2002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:redis", "p-cpe:/a:oracle:linux:redis-devel", "p-cpe:/a:oracle:linux:redis-doc", "cpe:/o:oracle:linux:8"], "id": "ORACLELINUX_ELSA-2019-2002.NASL", "href": "https://www.tenable.com/plugins/nessus/127977", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2002 and \n# Oracle Linux Security Advisory ELSA-2019-2002 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127977);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-10192\", \"CVE-2019-10193\");\n script_xref(name:\"RHSA\", 
value:\"2019:2002\");\n\n script_name(english:\"Oracle Linux 8 : redis:5 (ELSA-2019-2002)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:2002 :\n\nAn update for the redis:5 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRedis is an advanced key-value store. It is often referred to as a\ndata-structure server since keys can contain strings, hashes, lists,\nsets, and sorted sets. For performance, Redis works with an in-memory\ndata set. You can persist it either by dumping the data set to disk\nevery once in a while, or by appending each command to a log.\n\nSecurity Fix(es) :\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious\nclient (CVE-2019-10192)\n\n* redis: Stack buffer overflow in HyperLogLog triggered by malicious\nclient (CVE-2019-10193)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2019-August/009072.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected redis:5 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:redis-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:redis-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"redis-5.0.3-2.module+el8.0.0.z+5250+19ca22c8\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"redis-devel-5.0.3-2.module+el8.0.0.z+5250+19ca22c8\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"redis-doc-5.0.3-2.module+el8.0.0.z+5250+19ca22c8\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) 
audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redis / redis-devel / redis-doc\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:05:11", "description": "An update for the redis:5 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nRedis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es) :\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)\n\n* redis: Stack buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "RHEL 8 : redis:5 (RHSA-2019:2002)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2021-03-24T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:redis", "p-cpe:/a:redhat:enterprise_linux:redis-debugsource", "p-cpe:/a:redhat:enterprise_linux:redis-devel", "p-cpe:/a:redhat:enterprise_linux:redis-doc", "cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:enterprise_linux:8.0"], "id": "REDHAT-RHSA-2019-2002.NASL", "href": 
"https://www.tenable.com/plugins/nessus/127644", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2002. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127644);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/24\");\n\n script_cve_id(\"CVE-2019-10192\", \"CVE-2019-10193\");\n script_xref(name:\"RHSA\", value:\"2019:2002\");\n\n script_name(english:\"RHEL 8 : redis:5 (RHSA-2019:2002)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for the redis:5 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRedis is an advanced key-value store. It is often referred to as a\ndata-structure server since keys can contain strings, hashes, lists,\nsets, and sorted sets. For performance, Redis works with an in-memory\ndata set. 
You can persist it either by dumping the data set to disk\nevery once in a while, or by appending each command to a log.\n\nSecurity Fix(es) :\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious\nclient (CVE-2019-10192)\n\n* redis: Stack buffer overflow in HyperLogLog triggered by malicious\nclient (CVE-2019-10193)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2002\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10192\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-10193\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10192\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redis-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redis-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:redis-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/redis');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module redis:5');\nif ('5' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module redis:' + module_ver);\n\nappstreams = {\n 'redis:5': [\n {'reference':'redis-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'aarch64', 'release':'8'},\n {'reference':'redis-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'s390x', 'release':'8'},\n {'reference':'redis-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'x86_64', 'release':'8'},\n {'reference':'redis-debugsource-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'aarch64', 'release':'8'},\n {'reference':'redis-debugsource-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'s390x', 'release':'8'},\n {'reference':'redis-debugsource-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'x86_64', 'release':'8'},\n {'reference':'redis-devel-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'aarch64', 'release':'8'},\n {'reference':'redis-devel-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'s390x', 'release':'8'},\n {'reference':'redis-devel-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'cpu':'x86_64', 'release':'8'},\n {'reference':'redis-doc-5.0.3-2.module+el8.0.0.z+3657+acb471dc', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = 
appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module redis:5');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'redis / redis-debugsource / redis-devel / etc');\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:05:20", "description": "Multiple vulnerabilities were discovered in the HyperLogLog implementation of Redis, a persistent key-value database, which could result in denial of service or potentially the execution of arbitrary code.", "cvss3": {"score": 7.2, "vector": 
"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-15T00:00:00", "type": "nessus", "title": "Debian DSA-4480-1 : redis - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:redis", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4480.NASL", "href": "https://www.tenable.com/plugins/nessus/126655", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4480. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126655);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-10192\", \"CVE-2019-10193\");\n script_xref(name:\"DSA\", value:\"4480\");\n\n script_name(english:\"Debian DSA-4480-1 : redis - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Multiple vulnerabilities were discovered in the HyperLogLog\nimplementation of Redis, a persistent key-value database, which could\nresult in denial of service or potentially the execution of arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/redis\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/redis\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/redis\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://www.debian.org/security/2019/dsa-4480\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the redis packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 3:3.2.6-3+deb9u3.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 5:5.0.3-4+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"redis\", reference:\"5:5.0.3-4+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"redis-sentinel\", reference:\"5:5.0.3-4+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"redis-server\", reference:\"5:5.0.3-4+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"redis-tools\", reference:\"5:5.0.3-4+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"redis-sentinel\", reference:\"3:3.2.6-3+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"redis-server\", reference:\"3:3.2.6-3+deb9u3\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"redis-tools\", reference:\"3:3.2.6-3+deb9u3\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:04:06", "description": "An update of the redis package has been released.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Redis PHSA-2019-3.0-0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:redis", 
"cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_REDIS.NASL", "href": "https://www.tenable.com/plugins/nessus/128159", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128159);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-10192\", \"CVE-2019-10193\");\n\n script_name(english:\"Photon OS 3.0: Redis PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the redis package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10193\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"redis-5.0.5-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"redis-debuginfo-5.0.5-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redis\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:05:20", "description": "It was discovered that Redis incorrectly handled the hyperloglog data structure. 
An attacker could use this issue to cause Redis to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-17T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Redis vulnerabilities (USN-4061-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:redis", "p-cpe:/a:canonical:ubuntu_linux:redis-tools", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4061-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126773", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4061-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126773);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2019-10192\", \"CVE-2019-10193\");\n script_xref(name:\"USN\", value:\"4061-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 : Redis vulnerabilities (USN-4061-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that Redis incorrectly handled the hyperloglog data\nstructure. An attacker could use this issue to cause Redis to crash,\nresulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4061-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected redis and / or redis-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:redis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"redis-tools\", pkgver:\"2:3.0.6-1ubuntu0.4\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"redis\", pkgver:\"5:4.0.9-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"redis-tools\", pkgver:\"5:4.0.9-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"redis\", pkgver:\"5:5.0.3-4ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"redis-tools\", pkgver:\"5:5.0.3-4ubuntu0.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redis / redis-tools\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-08-11T15:45:07", "description": "According to the versions of the libxslt packages installed, the EulerOS Virtualization 
for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2019-1929)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2019-1929.NASL", "href": "https://www.tenable.com/plugins/nessus/128932", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128932);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : libxslt (EulerOS-SA-2019-1929)\");\n script_summary(english:\"Checks the rpm output for 
the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1929\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?14e519ab\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h3\",\n \"libxslt-python-1.1.28-5.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T15:44:24", "description": "According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. 
This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-24T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2032)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2032.NASL", "href": "https://www.tenable.com/plugins/nessus/129225", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129225);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : libxslt (EulerOS-SA-2019-2032)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt 
packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2032\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e24ac92d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h3\",\n \"libxslt-devel-1.1.28-5.h3\",\n \"libxslt-python-1.1.28-5.h3\"];\n\nforeach (pkg in pkgs)\n 
if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T15:46:32", "description": "Fixes for CVE-2019-13117, CVE-2019-13118\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-10-29T00:00:00", "type": "nessus", "title": "Fedora 31 : libxslt (2019-fdf6ec39b4)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:libxslt", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-FDF6EC39B4.NASL", "href": "https://www.tenable.com/plugins/nessus/130353", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-fdf6ec39b4.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130353);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n script_xref(name:\"FEDORA\", value:\"2019-fdf6ec39b4\");\n\n script_name(english:\"Fedora 31 : libxslt (2019-fdf6ec39b4)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n 
attribute:\"description\", \n value:\n\"Fixes for CVE-2019-13117, CVE-2019-13118\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-fdf6ec39b4\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libxslt package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"libxslt-1.1.33-4.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T14:54:47", "description": "According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of 
uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-01-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : libxslt (EulerOS-SA-2020-1017)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1017.NASL", "href": "https://www.tenable.com/plugins/nessus/132610", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132610);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : libxslt (EulerOS-SA-2020-1017)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In 
numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1017\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?66401d16\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.32-3.h6.eulerosv2r8\",\n \"libxslt-devel-1.1.32-3.h6.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = 
pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T15:39:50", "description": "This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern whether a byte on the stack contains certain special characters (bsc#1140095).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-07-19T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2019:1867-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxslt-debugsource", "p-cpe:/a:novell:suse_linux:libxslt-tools", "p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libxslt1", "p-cpe:/a:novell:suse_linux:libxslt1-debuginfo", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1867-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126809", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1867-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126809);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n 
script_name(english:\"SUSE SLED12 / SLES12 Security Update : libxslt (SUSE-SU-2019:1867-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data\n(bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern\nwhether a byte on the stack contains certain special characters\n(bsc#1140095).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13117/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13118/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191867-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20ed9b4b\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1867=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t 
patch\nSUSE-SLE-SERVER-12-SP4-2019-1867=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1867=1\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt-debugsource-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt-tools-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt-tools-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-32bit-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libxslt1-debuginfo-32bit-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt-debugsource-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt-tools-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt-tools-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-32bit-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-debuginfo-1.1.28-17.6.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libxslt1-debuginfo-32bit-1.1.28-17.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, 
{"lastseen": "2022-08-11T15:44:04", "description": "According to the versions of the libxslt packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with certain format strings could lead to a uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : libxslt (EulerOS-SA-2019-1913)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libxslt", "p-cpe:/a:huawei:euleros:libxslt-devel", "p-cpe:/a:huawei:euleros:libxslt-python", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1913.NASL", "href": "https://www.tenable.com/plugins/nessus/128836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128836);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-13117\",\n \"CVE-2019-13118\"\n );\n\n script_name(english:\"EulerOS 
2.0 SP5 : libxslt (EulerOS-SA-2019-1913)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libxslt packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - In numbers.c in libxslt 1.1.33, an xsl:number with\n certain format strings could lead to a uninitialized\n read in xsltNumberFormatInsertNumbers. This could allow\n an attacker to discern whether a byte on the stack\n contains the characters A, a, I, i, or 0, or any other\n character.(CVE-2019-13117)\n\n - In numbers.c in libxslt 1.1.33, a type holding grouping\n characters of an xsl:number instruction was too narrow\n and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.(CVE-2019-13118)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1913\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cd2fc2f4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libxslt packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"libxslt-1.1.28-5.h3.eulerosv2r7\",\n \"libxslt-devel-1.1.28-5.h3.eulerosv2r7\",\n \"libxslt-python-1.1.28-5.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T15:44:05", "description": "An update of 
the libxslt package has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Libxslt PHSA-2019-2.0-0171", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2019-12-30T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxslt", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0171_LIBXSLT.NASL", "href": "https://www.tenable.com/plugins/nessus/128719", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0171. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128719);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/30\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Photon OS 2.0: Libxslt PHSA-2019-2.0-0171\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxslt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-171.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13118\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libxslt-1.1.29-6.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libxslt-debuginfo-1.1.29-6.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"libxslt-devel-1.1.29-6.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : 
rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T15:43:05", "description": "An update of the libxslt package has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Libxslt PHSA-2019-3.0-0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxslt", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_LIBXSLT.NASL", "href": "https://www.tenable.com/plugins/nessus/128155", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. 
The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128155);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Photon OS 3.0: Libxslt PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxslt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13118\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is 
Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxslt-1.1.32-4.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxslt-debuginfo-1.1.32-4.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libxslt-devel-1.1.32-4.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2022-08-11T15:42:14", "description": "An update of the libxslt package has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Libxslt PHSA-2019-1.0-0246", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118"], "modified": 
"2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libxslt", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0246_LIBXSLT.NASL", "href": "https://www.tenable.com/plugins/nessus/128170", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0246. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128170);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Photon OS 1.0: Libxslt PHSA-2019-1.0-0246\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libxslt package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-246.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13118\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libxslt\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libxslt-1.1.29-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libxslt-debuginfo-1.1.29-6.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"libxslt-devel-1.1.29-6.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, 
{"lastseen": "2022-03-19T20:00:11", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4490 advisory.\n\n - gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service (CVE-2018-1000858)\n\n - GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which leads to persistent DoS (CVE-2019-13050)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2020-11-04T00:00:00", "type": "nessus", "title": "RHEL 8 : gnupg2 (RHSA-2020:4490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858", "CVE-2019-13050"], "modified": "2021-10-12T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:gnupg2", "p-cpe:/a:redhat:enterprise_linux:gnupg2-smime"], "id": "REDHAT-RHSA-2020-4490.NASL", "href": "https://www.tenable.com/plugins/nessus/142389", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4490. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142389);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/12\");\n\n script_cve_id(\"CVE-2019-13050\");\n script_xref(name:\"RHSA\", value:\"2020:4490\");\n\n script_name(english:\"RHEL 8 : gnupg2 (RHSA-2020:4490)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4490 advisory.\n\n - gnupg2: Cross site request forgery in dirmngr resulting in an information disclosure or denial of service\n (CVE-2018-1000858)\n\n - GnuPG: interaction between the sks-keyserver code and GnuPG allows for a Certificate Spamming Attack which\n leads to persistent DoS (CVE-2019-13050)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/297.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/352.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-1000858\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-13050\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4490\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1663917\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1726146\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gnupg2 and / or 
gnupg2-smime packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13050\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(297, 352);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnupg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:gnupg2-smime\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 
'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 
'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 
'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 
'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 
'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 
'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 
'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 
'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 
'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'gnupg2-2.2.20-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 
'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'gnupg2-2.2.20-2.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'gnupg2-2.2.20-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 
'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'gnupg2-smime-2.2.20-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'gnupg2-smime-2.2.20-2.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 
'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'gnupg2-smime-2.2.20-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if 
(!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gnupg2 / gnupg2-smime');\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-02-14T23:35:29", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4490 advisory.\n\n - GnuPG version 2.1.12 - 2.2.11 contains a Cross Site Request Forgery (CSRF) vulnerability in dirmngr that can result in 
attacker-controlled CSRF, information disclosure, or DoS. This attack appears to be exploitable when the victim performs a WKD request, e.g. by entering an email address in the composer window of Thunderbird/Enigmail. This vulnerability appears to have been fixed after commit 4a4bb874f63741026bd26264c43bb32b1099f060. (CVE-2018-1000858)\n\n - Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS keyserver network. Retrieving data from this network may cause a persistent denial of service, because of a Certificate Spamming Attack. (CVE-2019-13050)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : gnupg2 (ALSA-2020:4490)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858", "CVE-2019-13050"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:alma:linux:gnupg2", "p-cpe:/a:alma:linux:gnupg2-smime", "cpe:/o:alma:linux:8"], "id": "ALMA_LINUX_ALSA-2020-4490.NASL", "href": "https://www.tenable.com/plugins/nessus/157527", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2020:4490.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157527);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\"CVE-2018-1000858\", \"CVE-2019-13050\");\n script_xref(name:\"ALSA\", value:\"2020:4490\");\n\n script_name(english:\"AlmaLinux 8 : gnupg2 (ALSA-2020:4490)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote 
AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2020:4490 advisory.\n\n - GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that\n can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable\n via Victim must perform a WKD request, e.g. enter an email address in the composer window of\n Thunderbird/Enigmail. This vulnerability appears to have been fixed in after commit\n 4a4bb874f63741026bd26264c43bb32b1099f060. (CVE-2018-1000858)\n\n - Interaction between the sks-keyserver code through 1.2.0 of the SKS keyserver network, and GnuPG through\n 2.2.16, makes it risky to have a GnuPG keyserver configuration line referring to a host on the SKS\n keyserver network. Retrieving data from this network may cause a persistent denial of service, because of\n a Certificate Spamming Attack. 
(CVE-2019-13050)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2020-4490.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected gnupg2 and / or gnupg2-smime packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnupg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:gnupg2-smime\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(release) || 'AlmaLinux' >!< release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'gnupg2-2.2.20-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'gnupg2-smime-2.2.20-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if 
(!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'gnupg2 / gnupg2-smime');\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T00:27:07", "description": "An update of the gnupg package has been released.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Gnupg PHSA-2019-3.0-0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858", "CVE-2019-13050"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:gnupg", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_GNUPG.NASL", "href": "https://www.tenable.com/plugins/nessus/128153", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. 
The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128153);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2018-1000858\", \"CVE-2019-13050\");\n\n script_name(english:\"Photon OS 3.0: Gnupg PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the gnupg package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright 
(C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"gnupg-2.2.17-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"gnupg-debuginfo-2.2.17-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:18:04", "description": "According to the versions of the systemd packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. 
A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the UID/GID is recycled. (CVE-2019-3843)\n\n - It was discovered that a systemd service that uses the DynamicUser property can get new privileges through the execution of SUID binaries, which would allow it to create binaries owned by the service's transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future, when the GID is recycled. (CVE-2019-3844)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-12-03T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.3.0 : systemd (EulerOS-SA-2019-2319)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3843", "CVE-2019-3844"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:systemd", "p-cpe:/a:huawei:euleros:systemd-container", "p-cpe:/a:huawei:euleros:systemd-devel", "p-cpe:/a:huawei:euleros:systemd-journal-remote", "p-cpe:/a:huawei:euleros:systemd-libs", "p-cpe:/a:huawei:euleros:systemd-pam", "p-cpe:/a:huawei:euleros:systemd-udev", "p-cpe:/a:huawei:euleros:systemd-udev-compat", "cpe:/o:huawei:euleros:uvp:3.0.3.0"], "id": "EULEROS_SA-2019-2319.NASL", "href": "https://www.tenable.com/plugins/nessus/131484", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131484);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n 
\"CVE-2019-3843\",\n \"CVE-2019-3844\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.3.0 : systemd (EulerOS-SA-2019-2319)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the systemd packages installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - It was discovered that a systemd service that uses\n DynamicUser property can create a SUID/SGID binary that\n would be allowed to run as the transient service\n UID/GID even after the service is terminated. A local\n attacker may use this flaw to access resources that\n will be owned by a potentially different service in the\n future, when the UID/GID will be\n recycled.(CVE-2019-3843)\n\n - It was discovered that a systemd service that uses\n DynamicUser property can get new privileges through the\n execution of SUID binaries, which would allow to create\n binaries owned by the service transient group with the\n setgid bit set. A local attacker may use this flaw to\n access resources that will be owned by a potentially\n different service in the future, when the GID will be\n recycled.(CVE-2019-3844)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2319\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?3efa94e4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected systemd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-journal-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-udev-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.3.0\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.3.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.3.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"systemd-239-3.h56.eulerosv2r8\",\n \"systemd-container-239-3.h56.eulerosv2r8\",\n \"systemd-devel-239-3.h56.eulerosv2r8\",\n \"systemd-journal-remote-239-3.h56.eulerosv2r8\",\n \"systemd-libs-239-3.h56.eulerosv2r8\",\n \"systemd-pam-239-3.h56.eulerosv2r8\",\n \"systemd-udev-239-3.h56.eulerosv2r8\",\n \"systemd-udev-compat-239-3.h56.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else 
audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:08:00", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:1794 advisory.\n\n - systemd: services with DynamicUser can create SUID/SGID binaries (CVE-2019-3843)\n\n - systemd: services with DynamicUser can get new privileges and create SGID binaries (CVE-2019-3844)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : systemd (CESA-2020:1794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3843", "CVE-2019-3844"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:systemd", "p-cpe:/a:centos:centos:systemd-container", "p-cpe:/a:centos:centos:systemd-devel", "p-cpe:/a:centos:centos:systemd-journal-remote", "p-cpe:/a:centos:centos:systemd-libs", "p-cpe:/a:centos:centos:systemd-pam", "p-cpe:/a:centos:centos:systemd-tests", "p-cpe:/a:centos:centos:systemd-udev"], "id": "CENTOS8_RHSA-2020-1794.NASL", "href": "https://www.tenable.com/plugins/nessus/145995", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1794. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145995);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2019-3843\", \"CVE-2019-3844\");\n script_bugtraq_id(108096, 108116);\n script_xref(name:\"RHSA\", value:\"2020:1794\");\n\n script_name(english:\"CentOS 8 : systemd (CESA-2020:1794)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2020:1794 advisory.\n\n - systemd: services with DynamicUser can create SUID/SGID binaries (CVE-2019-3843)\n\n - systemd: services with DynamicUser can get new privileges and create SGID binaries (CVE-2019-3844)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1794\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3844\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-journal-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:systemd-udev\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? 
release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\npkgs = [\n {'reference':'systemd-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-container-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-container-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-devel-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-devel-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-libs-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-libs-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-pam-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-pam-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-tests-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n 
{'reference':'systemd-tests-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-udev-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'systemd-udev-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'systemd / systemd-container / systemd-devel / systemd-journal-remote / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-14T00:22:19", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the 
RHSA-2020:1794 advisory.\n\n - systemd: services with DynamicUser can create SUID/SGID binaries (CVE-2019-3843)\n\n - systemd: services with DynamicUser can get new privileges and create SGID binaries (CVE-2019-3844)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-04-28T00:00:00", "type": "nessus", "title": "RHEL 8 : systemd (RHSA-2020:1794)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3843", "CVE-2019-3844"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:systemd", "p-cpe:/a:redhat:enterprise_linux:systemd-container", "p-cpe:/a:redhat:enterprise_linux:systemd-devel", "p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote", "p-cpe:/a:redhat:enterprise_linux:systemd-libs", "p-cpe:/a:redhat:enterprise_linux:systemd-pam", "p-cpe:/a:redhat:enterprise_linux:systemd-tests", "p-cpe:/a:redhat:enterprise_linux:systemd-udev"], "id": "REDHAT-RHSA-2020-1794.NASL", "href": "https://www.tenable.com/plugins/nessus/136046", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1794. 
The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136046);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2019-3843\", \"CVE-2019-3844\");\n script_bugtraq_id(108096, 108116);\n script_xref(name:\"RHSA\", value:\"2020:1794\");\n\n script_name(english:\"RHEL 8 : systemd (RHSA-2020:1794)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:1794 advisory.\n\n - systemd: services with DynamicUser can create SUID/SGID binaries (CVE-2019-3843)\n\n - systemd: services with DynamicUser can get new privileges and create SGID binaries (CVE-2019-3844)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/266.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/268.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-3843\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-3844\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1794\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1684607\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1684610\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n 
script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-3844\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(266, 268);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/04/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:redhat:enterprise_linux:systemd-journal-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:systemd-udev\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 
'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 
'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 
'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 
'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 
'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 
'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 
'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 
'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 
'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 
'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 
'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 
'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 
'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 
'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 
'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == 
RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'systemd-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-239-29.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 
'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 
'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-container-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 
'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-container-239-29.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 
'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-container-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n 
{'reference':'systemd-container-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-devel-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 
'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-devel-239-29.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 
'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-devel-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-devel-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 
'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 
'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-journal-remote-239-29.el8', 'cpu':'x86_64', 'release':'8', 
'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-libs-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 
'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-libs-239-29.el8', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 
'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-libs-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-libs-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 
'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-pam-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 
'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-pam-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-pam-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 
'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-tests-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 
'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-tests-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 
'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-tests-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-udev-239-29.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 
'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-udev-239-29.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 
'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'systemd-udev-239-29.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if 
(!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'systemd / systemd-container / systemd-devel / systemd-journal-remote / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-29T16:10:46", "description": "It was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to access 
sensitive information. This issue did not affect Ubuntu 19.10. (CVE-2019-13117, CVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-18197).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-10-23T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Libxslt vulnerabilities (USN-4164-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118", "CVE-2019-18197"], "modified": "2021-01-29T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libxslt1.1", "cpe:/o:canonical:ubuntu_linux:14.04", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.04", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4164-1.NASL", "href": "https://www.tenable.com/plugins/nessus/130167", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4164-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130167);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/29\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n script_xref(name:\"USN\", value:\"4164-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.04 / 19.10 : Libxslt vulnerabilities (USN-4164-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"It was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to access sensitive\ninformation. This issue not affected Ubuntu 19.10. (CVE-2019-13117,\nCVE-2019-13118)\n\nIt was discovered that Libxslt incorrectly handled certain documents.\nAn attacker could possibly use this issue to execute arbitrary code.\n(CVE-2019-18197).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4164-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libxslt1.1 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18197\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libxslt1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:14.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2021 Canonical, Inc. / NASL script (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|14\\.04|16\\.04|18\\.04|19\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 14.04 / 16.04 / 18.04 / 19.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.28-2.1ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.29-5ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libxslt1.1\", pkgver:\"1.1.32-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"libxslt1.1\", pkgver:\"1.1.33-0ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt1.1\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-29T16:49:20", "description": "This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-13118: Fixed a read of uninitialized stack data 
(bsc#1140101).\n\n - CVE-2019-13117: Fixed an uninitialized read that made it possible to discern whether a byte on the stack contains certain special characters (bsc#1140095).\n\n - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure (bsc#1154609).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-05-29T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libxslt (openSUSE-2020-731)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118", "CVE-2019-18197"], "modified": "2020-06-05T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libxslt-debugsource", "p-cpe:/a:novell:opensuse:libxslt-devel", "p-cpe:/a:novell:opensuse:libxslt-devel-32bit", "p-cpe:/a:novell:opensuse:libxslt-python", "p-cpe:/a:novell:opensuse:libxslt-python-debuginfo", "p-cpe:/a:novell:opensuse:libxslt-python-debugsource", "p-cpe:/a:novell:opensuse:libxslt-tools", "p-cpe:/a:novell:opensuse:libxslt-tools-debuginfo", "p-cpe:/a:novell:opensuse:libxslt1", "p-cpe:/a:novell:opensuse:libxslt1-32bit", "p-cpe:/a:novell:opensuse:libxslt1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libxslt1-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-731.NASL", "href": "https://www.tenable.com/plugins/nessus/136963", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-731.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136963);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/05\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n\n script_name(english:\"openSUSE Security Update : libxslt 
(openSUSE-2020-731)\");\n script_summary(english:\"Check for the openSUSE-2020-731 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\n - CVE-2019-13118: Fixed a read of uninitialized stack data\n (bsc#1140101).\n\n - CVE-2019-13117: Fixed a uninitialized read which allowed\n to discern whether a byte on the stack contains certain\n special characters (bsc#1140095).\n\n - CVE-2019-18197: Fixed a dangling pointer in xsltCopyText\n which may have led to information disclosure\n (bsc#1154609).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1154609\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libxslt packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18197\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-devel\");\n 
script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-python\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-python-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-python-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libxslt1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libxslt-debugsource-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libxslt-devel-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libxslt-tools-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libxslt-tools-debuginfo-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libxslt1-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libxslt1-debuginfo-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libxslt-devel-32bit-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libxslt-python-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libxslt-python-debuginfo-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", 
reference:\"libxslt-python-debugsource-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libxslt1-32bit-1.1.32-lp151.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libxslt1-32bit-debuginfo-1.1.32-lp151.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt-python / libxslt-python-debuginfo / etc\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-29T16:51:12", "description": "This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data (bsc#1140101).\n\nCVE-2019-13117: Fixed an uninitialized read that made it possible to discern whether a byte on the stack contains certain special characters (bsc#1140095).\n\nCVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may have led to information disclosure (bsc#1154609).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2020:1409-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13117", "CVE-2019-13118", "CVE-2019-18197"], "modified": "2020-06-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libxslt-debugsource", "p-cpe:/a:novell:suse_linux:libxslt-devel", "p-cpe:/a:novell:suse_linux:libxslt-tools", "p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo", "p-cpe:/a:novell:suse_linux:libxslt1", "p-cpe:/a:novell:suse_linux:libxslt1-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-1409-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137539", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1409-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137539);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/22\");\n\n script_cve_id(\"CVE-2019-13117\", \"CVE-2019-13118\", \"CVE-2019-18197\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libxslt (SUSE-SU-2020:1409-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libxslt fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2019-13118: Fixed a read of uninitialized stack data\n(bsc#1140101).\n\nCVE-2019-13117: Fixed a uninitialized read which allowed to discern\nwhether a byte on 
the stack contains certain special characters\n(bsc#1140095).\n\nCVE-2019-18197: Fixed a dangling pointer in xsltCopyText which may\nhave led to information disclosure (bsc#1154609).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140095\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140101\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1154609\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13117/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13118/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-18197/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201409-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6fe2dfb9\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Basesystem-15-SP1-2020-1409=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-18197\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libxslt1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-debugsource-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-devel-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-tools-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt-tools-debuginfo-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt1-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libxslt1-debuginfo-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-debugsource-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-devel-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-tools-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt-tools-debuginfo-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt1-1.1.32-3.8.24\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libxslt1-debuginfo-1.1.32-3.8.24\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libxslt\");\n}\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:21:56", "description": "According to the versions of the systemd packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of 
SUID binaries, which would allow a cooperating process to create binaries owned by the service transient group with the setgid bit set. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future when the GID will be recycled. (CVE-2019-3844)\n\n - It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated. A local attacker may use this flaw to access resources that will be owned by a potentially different service in the future when the UID/GID will be recycled. (CVE-2019-3843)\n\n - In systemd before v242-rc4, it was discovered that pam_systemd does not properly sanitize the environment before using the XDG_SEAT variable. It is possible for an attacker, in some particular configurations, to set an XDG_SEAT environment variable which allows for commands to be checked against polkit policies using the 'allow_active' element rather than 'allow_any'. (CVE-2019-3842)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-06-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : systemd (EulerOS-SA-2019-1661)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-3842", "CVE-2019-3843", "CVE-2019-3844"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:systemd", "p-cpe:/a:huawei:euleros:systemd-container", "p-cpe:/a:huawei:euleros:systemd-devel", "p-cpe:/a:huawei:euleros:systemd-journal-remote", "p-cpe:/a:huawei:euleros:systemd-libs", "p-cpe:/a:huawei:euleros:systemd-pam", "p-cpe:/a:huawei:euleros:systemd-udev", "p-cpe:/a:huawei:euleros:systemd-udev-compat", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1661.NASL", "href": "https://www.tenable.com/plugins/nessus/126288", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126288);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-3842\",\n \"CVE-2019-3843\",\n \"CVE-2019-3844\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : systemd (EulerOS-SA-2019-1661)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the systemd packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - It was discovered that a systemd service that uses\n DynamicUser property can get new privileges through the\n execution of SUID binaries, which would allow a\n cooperating process 
to create binaries owned by the\n service transient group with the setgid bit set. A\n local attacker may use this flaw to access resources\n that will be owned by a potentially different service\n in the future when the GID will be\n recycled.(CVE-2019-3844)\n\n - It was discovered that a systemd service that uses\n DynamicUser property can create a SUID/SGID binary that\n would be allowed to run as the transient service\n UID/GID even after the service is terminated. A local\n attacker may use this flaw to access resources that\n will be owned by a potentially different service in the\n future when the UID/GID will be\n recycled.(CVE-2019-3843)\n\n - In systemd before v242-rc4, it was discovered that\n pam_systemd does not properly sanitize the environment\n before using the XDG_SEAT variable. It is possible for\n an attacker, in some particular configurations, to set\n a XDG_SEAT environment variable which allows for\n commands to be checked against polkit policies using\n the 'allow_active' element rather than\n 'allow_any'.(CVE-2019-3842)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1661\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?edc44c28\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected systemd packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-container\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-journal-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-pam\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-udev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:systemd-udev-compat\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", 
value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"systemd-239-3.h24.eulerosv2r8\",\n \"systemd-container-239-3.h24.eulerosv2r8\",\n \"systemd-devel-239-3.h24.eulerosv2r8\",\n \"systemd-journal-remote-239-3.h24.eulerosv2r8\",\n \"systemd-libs-239-3.h24.eulerosv2r8\",\n \"systemd-pam-239-3.h24.eulerosv2r8\",\n \"systemd-udev-239-3.h24.eulerosv2r8\",\n \"systemd-udev-compat-239-3.h24.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", 
reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-09-20T13:11:24", "description": "The remote host is affected by the vulnerability described in GLSA-201908-04 (Redis: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Redis. Please review the CVE identifiers referenced below for details.\n Impact :\n\n Please review the referenced CVE identifiers for details.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-12T00:00:00", "type": "nessus", "title": "GLSA-201908-04 : Redis: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-11218", "CVE-2018-11219", "CVE-2019-10192", "CVE-2019-10193"], "modified": "2020-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:redis", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201908-04.NASL", "href": "https://www.tenable.com/plugins/nessus/127562", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201908-04.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. 
See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127562);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/06\");\n\n script_cve_id(\"CVE-2018-11218\", \"CVE-2018-11219\", \"CVE-2019-10192\", \"CVE-2019-10193\");\n script_xref(name:\"GLSA\", value:\"201908-04\");\n\n script_name(english:\"GLSA-201908-04 : Redis: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201908-04\n(Redis: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Redis. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n Please review the referenced CVE identifiers for details.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201908-04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Redis users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-db/redis-4.0.14'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:redis\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-db/redis\", unaffected:make_list(\"ge 4.0.14\"), vulnerable:make_list(\"lt 4.0.14\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Redis\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:21:36", "description": "Several vulnerabilities were found in libxslt the XSLT 1.0 processing library.\n\nCVE-2016-4610\n\nInvalid memory access leading to DoS at exsltDynMapFunction. 
libxslt allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.\n\nCVE-2016-4609\n\nOut-of-bounds read at xmlGetLineNoInternal(). libxslt allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.\n\nCVE-2019-13117\n\nAn xsl:number with certain format strings could lead to an uninitialized read in xsltNumberFormatInsertNumbers. This could allow an attacker to discern whether a byte on the stack contains the characters A, a, I, i, or 0, or any other character.\n\nCVE-2019-13118\n\nA type holding grouping characters of an xsl:number instruction was too narrow and an invalid character/length combination could be passed to xsltNumberFormatDecimal, leading to a read of uninitialized stack data.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 1.1.28-2+deb8u5.\n\nWe recommend that you upgrade your libxslt packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-23T00:00:00", "type": "nessus", "title": "Debian DLA-1860-1 : libxslt security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2016-4609", "CVE-2016-4610", "CVE-2019-13117", "CVE-2019-13118"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libxslt1-dbg", "p-cpe:/a:debian:debian_linux:libxslt1-dev", "p-cpe:/a:debian:debian_linux:libxslt1.1", "p-cpe:/a:debian:debian_linux:python-libxslt1", "p-cpe:/a:debian:debian_linux:python-libxslt1-dbg", "p-cpe:/a:debian:debian_linux:xsltproc", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1860.NASL", "href": "https://www.tenable.com/plugins/nessus/126926", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1860-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126926);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2016-4609\", \"CVE-2016-4610\", \"CVE-2019-13117\", \"CVE-2019-13118\");\n\n script_name(english:\"Debian DLA-1860-1 : libxslt security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were found in libxslt the XSLT 1.0 processing\nlibrary.\n\nCVE-2016-4610\n\nInvalid memory access leading to DoS at exsltDynMapFunction. 
libxslt\nallows remote attackers to cause a denial of service (memory\ncorruption) or possibly have unspecified other impact via unknown\nvectors.\n\nCVE-2016-4609\n\nOut-of-bounds read at xmlGetLineNoInternal() libxslt allows remote\nattackers to cause a denial of service (memory corruption) or possibly\nhave unspecified other impact via unknown vectors.\n\nCVE-2019-13117\n\nAn xsl:number with certain format strings could lead to an\nuninitialized read in xsltNumberFormatInsertNumbers. This could allow\nan attacker to discern whether a byte on the stack contains the\ncharacters A, a, I, i, or 0, or any other character.\n\nCVE-2019-13118\n\nA type holding grouping characters of an xsl:number instruction was\ntoo narrow and an invalid character/length combination could be passed\nto xsltNumberFormatDecimal, leading to a read of uninitialized stack\ndata.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n1.1.28-2+deb8u5.\n\nWe recommend that you upgrade your libxslt packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/libxslt\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxslt1.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxslt1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:python-libxslt1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:xsltproc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2016/07/22\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/23\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libxslt1-dbg\", reference:\"1.1.28-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxslt1-dev\", reference:\"1.1.28-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libxslt1.1\", reference:\"1.1.28-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxslt1\", reference:\"1.1.28-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"python-libxslt1-dbg\", reference:\"1.1.28-2+deb8u5\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"xsltproc\", reference:\"1.1.28-2+deb8u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:06:03", "description": "It was discovered that there were two heap buffer overflows in the Hyperloglog functionality provided by the Redis in-memory key-value database.\n\nFor Debian 8 'Jessie', these issues have been fixed in redis version 2:2.8.17-1+deb8u7.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-11T00:00:00", "type": "nessus", "title": "Debian DLA-1850-1 : redis security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:redis-server", "p-cpe:/a:debian:debian_linux:redis-tools", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1850.NASL", "href": "https://www.tenable.com/plugins/nessus/126606", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1850-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126606);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-10192\");\n\n script_name(english:\"Debian DLA-1850-1 : redis security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that there were two heap buffer overflows in the\nHyperloglog functionality provided by the Redis in-memory key-value\ndatabase.\n\nFor Debian 8 'Jessie', these issues have been fixed in redis version\n2:2.8.17-1+deb8u7.\n\nWe recommend that you upgrade your redis packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/07/msg00009.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/redis\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected redis-server, and redis-tools packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:redis-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"redis-server\", reference:\"2:2.8.17-1+deb8u7\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"redis-tools\", reference:\"2:2.8.17-1+deb8u7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:04:38", "description": "An update of the redis package has been released.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Redis PHSA-2019-2.0-0172", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192"], "modified": "2019-12-30T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:redis", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0172_REDIS.NASL", "href": "https://www.tenable.com/plugins/nessus/128713", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0172. 
The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128713);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/30\");\n\n script_cve_id(\"CVE-2019-10192\");\n\n script_name(english:\"Photon OS 2.0: Redis PHSA-2019-2.0-0172\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the redis package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-172.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"redis-4.0.10-2.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"redis-debuginfo-4.0.10-2.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redis\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-08-26T00:04:38", "description": "An update of the redis package has been released.", "cvss3": {"score": 7.2, "vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Redis PHSA-2019-1.0-0247", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10192"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:redis", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0247_REDIS.NASL", "href": 
"https://www.tenable.com/plugins/nessus/128165", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0247. The text\n# itself is copyright (C) VMware, Inc.\n\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128165);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-10192\");\n\n script_name(english:\"Photon OS 1.0: Redis PHSA-2019-1.0-0247\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the redis package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-247.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-10192\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:redis\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"redis-4.0.10-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"redis-debuginfo-4.0.10-2.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"redis\");\n}\n", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-02-19T13:03:53", "description": "It was discovered that systemd incorrectly handled certain PIDFile files. A local attacker could possibly use this issue to trick systemd into killing privileged processes. This issue only affected Ubuntu 16.04 LTS. 
(CVE-2018-16888)\n\nIt was discovered that systemd incorrectly handled certain udevadm trigger commands. A local attacker could possibly use this issue to cause systemd to consume resources, leading to a denial of service.\n(CVE-2019-20386)\n\nJann Horn discovered that systemd incorrectly handled services that use the DynamicUser property. A local attacker could possibly use this issue to access resources owned by a different service in the future.\nThis issue only affected Ubuntu 18.04 LTS. (CVE-2019-3843, CVE-2019-3844)\n\nTavis Ormandy discovered that systemd incorrectly handled certain Polkit queries. A local attacker could use this issue to cause systemd to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. (CVE-2020-1712).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.8, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-02-06T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : systemd vulnerabilities (USN-4269-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16888", "CVE-2019-20386", "CVE-2019-3843", "CVE-2019-3844", "CVE-2020-1712"], "modified": "2020-02-10T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:systemd", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:19.10"], "id": "UBUNTU_USN-4269-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133523", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4269-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. 
Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133523);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/02/10\");\n\n script_cve_id(\"CVE-2018-16888\", \"CVE-2019-20386\", \"CVE-2019-3843\", \"CVE-2019-3844\", \"CVE-2020-1712\");\n script_xref(name:\"USN\", value:\"4269-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 19.10 : systemd vulnerabilities (USN-4269-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that systemd incorrectly handled certain PIDFile\nfiles. A local attacker could possibly use this issue to trick systemd\ninto killing privileged processes. This issue only affected Ubuntu\n16.04 LTS. (CVE-2018-16888)\n\nIt was discovered that systemd incorrectly handled certain udevadm\ntrigger commands. A local attacker could possibly use this issue to\ncause systemd to consume resources, leading to a denial of service.\n(CVE-2019-20386)\n\nJann Horn discovered that systemd incorrectly handled services that\nuse the DynamicUser property. A local attacker could possibly use this\nissue to access resources owned by a different service in the future.\nThis issue only affected Ubuntu 18.04 LTS. (CVE-2019-3843,\nCVE-2019-3844)\n\nTavis Ormandy discovered that systemd incorrectly handled certain\nPolkit queries. A local attacker could use this issue to cause systemd\nto crash, resulting in a denial of service, or possibly execute\narbitrary code and escalate privileges. (CVE-2020-1712).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4269-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected systemd package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:systemd\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/02/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/02/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|19\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 19.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"systemd\", pkgver:\"229-4ubuntu21.27\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"systemd\", pkgver:\"237-3ubuntu10.38\")) flag++;\nif (ubuntu_check(osver:\"19.10\", pkgname:\"systemd\", pkgver:\"242-7ubuntu3.6\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"systemd\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-20T15:00:07", "description": "An update of the gnupg package has been released.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-06-25T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Gnupg PHSA-2019-1.0-0237", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": 
["CVE-2018-1000858"], "modified": "2022-05-19T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:gnupg", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0237_GNUPG.NASL", "href": "https://www.tenable.com/plugins/nessus/126197", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0237. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126197);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/19\");\n\n script_cve_id(\"CVE-2018-1000858\");\n script_bugtraq_id(106358);\n\n script_name(english:\"Photon OS 1.0: Gnupg PHSA-2019-1.0-0237\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the gnupg package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-237.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-1000858\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/06/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/06/25\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"gnupg-2.2.15-1.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"gnupg-debuginfo-2.2.15-1.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:25", "description": "This update for gpg2 fixes the following issue 
:\n\nSecurity issue fixed :\n\nCVE-2018-1000858: Fixed a Cross Site Request Forgery(CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF (bsc#1120346).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-08T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : gpg2 (SUSE-SU-2019:0023-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858"], "modified": "2020-02-26T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:gpg2", "p-cpe:/a:novell:suse_linux:gpg2-debuginfo", "p-cpe:/a:novell:suse_linux:gpg2-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0023-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121003", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0023-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121003);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/26\");\n\n script_cve_id(\"CVE-2018-1000858\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : gpg2 (SUSE-SU-2019:0023-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for gpg2 fixes the following issue :\n\nSecurity issue fixed :\n\nCVE-2018-1000858: Fixed a Cross Site Request Forgery(CSRF)\nvulnerability in dirmngr that can 
result in Attacker controlled CSRF\n(bsc#1120346).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1120346\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-1000858/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190023-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bcd2e299\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-23=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gpg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gpg2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:gpg2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n 
script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gpg2-2.2.5-4.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gpg2-debuginfo-2.2.5-4.6.2\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"gpg2-debugsource-2.2.5-4.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gpg2-2.2.5-4.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gpg2-debuginfo-2.2.5-4.6.2\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"gpg2-debugsource-2.2.5-4.6.2\")) flag++;\n\n\nif (flag)\n{\n set_kb_item(name:'www/0/XSRF', value:TRUE);\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gpg2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:08", "description": "Ben Fuhrmannek discovered that GnuPG incorrectly handled Web Key Directory lookups. A remote attacker could possibly use this issue to cause a denial of service, or perform Cross-Site Request Forgery attacks.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-11T00:00:00", "type": "nessus", "title": "Ubuntu 18.04 LTS / 18.10 : GnuPG vulnerability (USN-3853-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858"], "modified": "2020-09-17T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:gnupg", "p-cpe:/a:canonical:ubuntu_linux:gpg-wks-client", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10"], "id": "UBUNTU_USN-3853-1.NASL", "href": "https://www.tenable.com/plugins/nessus/121095", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-3853-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121095);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/17\");\n\n script_cve_id(\"CVE-2018-1000858\");\n script_xref(name:\"USN\", value:\"3853-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS / 18.10 : GnuPG vulnerability (USN-3853-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Ben Fuhrmannek discovered that GnuPG incorrectly handled Web Key\nDirectory lookups. 
A remote attacker could possibly use this issue to\ncause a denial of service, or perform Cross-Site Request Forgery\nattacks.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/3853-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected gnupg and / or gpg-wks-client packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gnupg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:gpg-wks-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04|18\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 18.04 / 18.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"18.04\", pkgname:\"gnupg\", pkgver:\"2.2.4-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"gpg-wks-client\", pkgver:\"2.2.4-1ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"gnupg\", pkgver:\"2.2.8-3ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"gpg-wks-client\", pkgver:\"2.2.8-3ubuntu1.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg / gpg-wks-client\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-08-19T12:29:20", "description": "This update for gpg2 fixes the following issue :\n\nSecurity issue fixed :\n\n - CVE-2018-1000858: Fixed a Cross Site Request Forgery(CSRF) vulnerability in dirmngr that can result in Attacker 
controlled CSRF (bsc#1120346).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "openSUSE Security Update : gpg2 (openSUSE-2019-20)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:gpg2", "p-cpe:/a:novell:opensuse:gpg2-debuginfo", "p-cpe:/a:novell:opensuse:gpg2-debugsource", "p-cpe:/a:novell:opensuse:gpg2-lang", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-20.NASL", "href": "https://www.tenable.com/plugins/nessus/121148", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-20.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(121148);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-1000858\");\n\n script_name(english:\"openSUSE Security Update : gpg2 (openSUSE-2019-20)\");\n script_summary(english:\"Check for the openSUSE-2019-20 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for gpg2 fixes the following issue :\n\nSecurity issue fixed :\n\n - CVE-2018-1000858: Fixed a Cross Site Request\n Forgery(CSRF) vulnerability in dirmngr that can result\n in Attacker controlled CSRF (bsc#1120346).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1120346\"\n 
);\n script_set_attribute(attribute:\"solution\", value:\"Update the affected gpg2 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gpg2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gpg2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gpg2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:gpg2-lang\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gpg2-2.2.5-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gpg2-debuginfo-2.2.5-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gpg2-debugsource-2.2.5-lp150.3.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"gpg2-lang-2.2.5-lp150.3.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gpg2 / gpg2-debuginfo / gpg2-debugsource / gpg2-lang\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T00:46:17", "description": "Minor update to upstream version 2.2.12 fixing moderate security issue and other bugs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system 
website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-14T00:00:00", "type": "nessus", "title": "Fedora 29 : gnupg2 (2019-75a8da28f0)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg2", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-75A8DA28F0.NASL", "href": "https://www.tenable.com/plugins/nessus/121140", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-75a8da28f0.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121140);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-1000858\");\n script_xref(name:\"FEDORA\", value:\"2019-75a8da28f0\");\n\n script_name(english:\"Fedora 29 : gnupg2 (2019-75a8da28f0)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update to upstream version 2.2.12 fixing moderate security issue\nand other bugs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-75a8da28f0\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnupg2 package.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"gnupg2-2.2.12-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-16T00:45:48", "description": "Minor update to upstream version 2.2.12 fixing moderate security issue and other bugs.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2019-01-22T00:00:00", "type": "nessus", "title": "Fedora 28 : gnupg2 (2019-e70c729d8a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-1000858"], "modified": "2020-02-24T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:gnupg2", "cpe:/o:fedoraproject:fedora:28"], "id": "FEDORA_2019-E70C729D8A.NASL", "href": "https://www.tenable.com/plugins/nessus/121270", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-e70c729d8a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(121270);\n script_version(\"1.4\");\n 
script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/02/24\");\n\n script_cve_id(\"CVE-2018-1000858\");\n script_xref(name:\"FEDORA\", value:\"2019-e70c729d8a\");\n\n script_name(english:\"Fedora 28 : gnupg2 (2019-e70c729d8a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Minor update to upstream version 2.2.12 fixing moderate security issue\nand other bugs.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-e70c729d8a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected gnupg2 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:gnupg2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:28\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/12/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/01/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/01/22\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^28([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 28\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC28\", reference:\"gnupg2-2.2.12-1.fc28\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"gnupg2\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:42:08", "description": "Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. 
A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 4.0.5+dfsg-2+deb8u2.\n\nWe recommend that you upgrade your zeromq3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Debian DLA-1849-1 : zeromq3 security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libzmq3", "p-cpe:/a:debian:debian_linux:libzmq3-dbg", "p-cpe:/a:debian:debian_linux:libzmq3-dev", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1849.NASL", "href": "https://www.tenable.com/plugins/nessus/126528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1849-1. 
The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(126528);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"Debian DLA-1849-1 : zeromq3 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ,\na lightweight messaging kernel library. A remote, unauthenticated\nclient connecting to an application using the libzmq library, running\nwith a socket listening with CURVE encryption/authentication enabled,\ncan take advantage of this flaw to cause a denial of service or the\nexecution of arbitrary code.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n4.0.5+dfsg-2+deb8u2.\n\nWe recommend that you upgrade your zeromq3 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. 
Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/07/msg00007.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/zeromq3\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected libzmq3, libzmq3-dbg, and libzmq3-dev packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libzmq3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libzmq3-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libzmq3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libzmq3\", reference:\"4.0.5+dfsg-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libzmq3-dbg\", reference:\"4.0.5+dfsg-2+deb8u2\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"libzmq3-dev\", reference:\"4.0.5+dfsg-2+deb8u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:40:19", "description": "It was discovered that ZeroMQ incorrectly handled certain application metadata. A remote attacker could use this issue to cause ZeroMQ to crash, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : zeromq3 vulnerability (USN-4050-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libzmq5", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.10", "cpe:/o:canonical:ubuntu_linux:19.04"], "id": "UBUNTU_USN-4050-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126566", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4050-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126566);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"USN\", value:\"4050-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : zeromq3 vulnerability (USN-4050-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that ZeroMQ incorrectly handled certain application\nmetadata. 
A remote attacker could use this issue to cause ZeroMQ to\ncrash, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4050-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libzmq5 package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libzmq5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:19.04\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. 
/ NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|18\\.10|19\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04 / 18.10 / 19.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"libzmq5\", pkgver:\"4.1.4-7ubuntu0.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"libzmq5\", pkgver:\"4.2.5-1ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"18.10\", pkgname:\"libzmq5\", pkgver:\"4.2.5-2ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"19.04\", pkgname:\"libzmq5\", pkgver:\"4.3.1-3ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libzmq5\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:41:28", "description": "This update for zeromq fixes the following issues :\n\n - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack 
overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. (bsc#1140255)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-10T00:00:00", "type": "nessus", "title": "SUSE SLED12 Security Update : zeromq (SUSE-SU-2019:1785-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libzmq3", "p-cpe:/a:novell:suse_linux:libzmq3-debuginfo", "p-cpe:/a:novell:suse_linux:zeromq-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-1785-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126596", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1785-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126596);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"SUSE SLED12 Security Update : zeromq (SUSE-SU-2019:1785-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for zeromq fixes the following issues :\n\n - CVE-2019-13132: An unauthenticated remote attacker could\n have exploited a stack overflow vulnerability on a\n server that is supposed to be protected by encryption\n and authentication 
to potentially gain a remote code\n execution. (bsc#1140255)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13132/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191785-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d17d5f39\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Manager Tools 12:zypper in -t patch\nSUSE-SLE-Manager-Tools-12-2019-1785=1\n\nSUSE Manager Server 3.2:zypper in -t patch\nSUSE-SUSE-Manager-Server-3.2-2019-1785=1\n\nSUSE Manager Proxy 3.2:zypper in -t patch\nSUSE-SUSE-Manager-Proxy-3.2-2019-1785=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-1785=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-1785=1\n\nSUSE Linux Enterprise Point of Sale 12-SP2:zypper in -t patch\nSUSE-SLE-POS-12-SP2-2019-1785=1\n\nSUSE Linux Enterprise Module for Advanced Systems Management 12:zypper\nin -t patch SUSE-SLE-Module-Adv-Systems-Management-12-2019-1785=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-1785=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2019-1785=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2019-1785=1\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, 
use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libzmq3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libzmq3-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:zeromq-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLED12\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libzmq3-4.0.4-15.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libzmq3-debuginfo-4.0.4-15.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"zeromq-debugsource-4.0.4-15.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:40:19", "description": "This update for zeromq fixes the following issues :\n\nCVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. (bsc#1140255)\n\nCorrectly mark license files as licence instead of documentation (bsc#1082318)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : zeromq (SUSE-SU-2019:1776-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libzmq5", "p-cpe:/a:novell:suse_linux:libzmq5-debuginfo", "p-cpe:/a:novell:suse_linux:zeromq-debugsource", "p-cpe:/a:novell:suse_linux:zeromq-devel", "p-cpe:/a:novell:suse_linux:zeromq-tools", "p-cpe:/a:novell:suse_linux:zeromq-tools-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-1776-1.NASL", "href": "https://www.tenable.com/plugins/nessus/126562", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:1776-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126562);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : zeromq (SUSE-SU-2019:1776-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for zeromq fixes the following issues :\n\nCVE-2019-13132: An unauthenticated remote attacker could have\nexploited a stack overflow vulnerability on a server that is supposed\nto be protected by encryption and authentication to potentially gain a\nremote code execution. 
(bsc#1140255)\n\nCorrectly mark license files as licence instead of documentation\n(bsc#1082318)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1082318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1140255\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-13132/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20191776-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?2cf53598\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-1776=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-1776=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-1776=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-1776=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libzmq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libzmq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:zeromq-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:zeromq-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:zeromq-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:zeromq-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! 
preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libzmq5-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libzmq5-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"zeromq-debugsource-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"zeromq-devel-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"zeromq-tools-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"zeromq-tools-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libzmq5-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libzmq5-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"zeromq-debugsource-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"zeromq-devel-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"zeromq-tools-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"zeromq-tools-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libzmq5-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libzmq5-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"zeromq-debugsource-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"zeromq-devel-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"zeromq-tools-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"zeromq-tools-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libzmq5-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", 
reference:\"libzmq5-debuginfo-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"zeromq-debugsource-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"zeromq-devel-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"zeromq-tools-4.2.3-3.8.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"zeromq-tools-debuginfo-4.2.3-3.8.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:43:03", "description": "Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a lightweight messaging kernel library. A remote, unauthenticated client connecting to an application using the libzmq library, running with a socket listening with CURVE encryption/authentication enabled, can take advantage of this flaw to cause a denial of service or the execution of arbitrary code.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-09T00:00:00", "type": "nessus", "title": "Debian DSA-4477-1 : zeromq3 - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-01-08T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:zeromq3", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4477.NASL", "href": "https://www.tenable.com/plugins/nessus/126529", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4477. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126529);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"DSA\", value:\"4477\");\n\n script_name(english:\"Debian DSA-4477-1 : zeromq3 - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Fang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ,\na lightweight messaging kernel library. A remote, unauthenticated\nclient connecting to an application using the libzmq library, running\nwith a socket listening with CURVE encryption/authentication enabled,\ncan take advantage of this flaw to cause a denial of service or the\nexecution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/zeromq3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/zeromq3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/zeromq3\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4477\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the zeromq3 packages.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 4.2.1-4+deb9u2.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.3.1-4+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n 
script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:zeromq3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"libzmq3-dev\", reference:\"4.3.1-4+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libzmq5\", reference:\"4.3.1-4+deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libzmq3-dev\", reference:\"4.2.1-4+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libzmq5\", reference:\"4.2.1-4+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libzmq5-dbg\", reference:\"4.2.1-4+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-12T14:54:43", "description": "The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2019:14117-1 advisory.\n\n - In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations. 
(CVE-2019-13132)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : zeromq (SUSE-SU-2019:14117-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2021-06-10T00:00:00", "cpe": ["cpe:2.3:o:novell:suse_linux:11:*:*:*:*:*:*:*", "p-cpe:2.3:a:novell:suse_linux:libzmq3:*:*:*:*:*:*:*"], "id": "SUSE_SU-2019-14117-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150684", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14117-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150684);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/10\");\n\n script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14117-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : zeromq (SUSE-SU-2019:14117-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has a package installed that is affected by a vulnerability as referenced in the SUSE-\nSU-2019:14117-1 advisory.\n\n - In ZeroMQ libzmq before 4.0.9, 4.1.x before 4.1.7, and 4.2.x before 4.3.2, a remote, unauthenticated\n client connecting to a libzmq application, running with a socket listening with CURVE\n encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data,\n due to a buffer overflow in the library. 
Users running public servers with the above configuration are\n highly encouraged to upgrade as soon as possible, as there are no known mitigations. (CVE-2019-13132)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1140255\");\n # https://lists.suse.com/pipermail/sle-security-updates/2019-July/005673.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6745f120\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-13132\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libzmq3 package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13132\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libzmq3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is 
owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! 
preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP3/4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'libzmq3-4.0.4-3.3', 'sp':'3', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.3'},\n {'reference':'libzmq3-4.0.4-3.3', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'libzmq3-4.0.4-3.3', 'sp':'3', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.3'},\n {'reference':'libzmq3-4.0.4-3.3', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libzmq3');\n}\n", "cvss": 
{"score": 7.5, "vector": "CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-31T14:57:11", "description": "Fang-Pen Lin reports :\n\nA remote, unauthenticated client connecting to a libzmq application, running with a socket listening with CURVE encryption/authentication enabled, may cause a stack overflow and overwrite the stack with arbitrary data, due to a buffer overflow in the library. Users running public servers with the above configuration are highly encouraged to upgrade as soon as possible, as there are no known mitigations.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2021-05-26T00:00:00", "type": "nessus", "title": "FreeBSD : libzmq4 -- Stack overflow (6954a2b0-bda8-11eb-a04e-641c67a117d8)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2021-06-01T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:libzmq4", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_6954A2B0BDA811EBA04E641C67A117D8.NASL", "href": "https://www.tenable.com/plugins/nessus/149977", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2021 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(149977);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/01\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"FreeBSD : libzmq4 -- Stack overflow (6954a2b0-bda8-11eb-a04e-641c67a117d8)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Fang-Pen Lin reports :\n\nA remote, unauthenticated client connecting to a libzmq application,\nrunning with a socket listening with CURVE encryption/authentication\nenabled, may cause a stack overflow and overwrite the stack 
with\narbitrary data, due to a buffer overflow in the library. Users running\npublic servers with the above configuration are highly encouraged to\nupgrade as soon as possible, as there are no known mitigations.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/zeromq/libzmq/releases/tag/v4.3.2\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/zeromq/libzmq/issues/3558\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=255102\"\n );\n # https://vuxml.freebsd.org/freebsd/6954a2b0-bda8-11eb-a04e-641c67a117d8.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?359ba499\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:libzmq4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/06/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned 
by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"libzmq4<4.3.2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:40:52", "description": "This update for zeromq fixes the following issues :\n\n - CVE-2019-13132: An unauthenticated remote attacker could have exploited a stack overflow vulnerability on a server that is supposed to be protected by encryption and authentication to potentially gain a remote code execution. 
(bsc#1140255)\n\n - Correctly mark license files as licence instead of documentation (bsc#1082318)\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-07-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : zeromq (openSUSE-2019-1767)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-09-23T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libzmq5", "p-cpe:/a:novell:opensuse:libzmq5-debuginfo", "p-cpe:/a:novell:opensuse:zeromq-debugsource", "p-cpe:/a:novell:opensuse:zeromq-devel", "p-cpe:/a:novell:opensuse:zeromq-tools", "p-cpe:/a:novell:opensuse:zeromq-tools-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-1767.NASL", "href": "https://www.tenable.com/plugins/nessus/126902", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1767.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(126902);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/23\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"openSUSE Security Update : zeromq (openSUSE-2019-1767)\");\n script_summary(english:\"Check for the openSUSE-2019-1767 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for zeromq fixes the following issues :\n\n - CVE-2019-13132: An unauthenticated remote attacker could\n have exploited a stack overflow vulnerability on a\n server that is supposed to be protected by encryption\n and authentication to potentially gain a remote code\n execution. 
(bsc#1140255)\n\n - Correctly mark license files as licence instead of\n documentation (bsc#1082318)\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1082318\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1140255\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected zeromq packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libzmq5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libzmq5-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:zeromq-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:zeromq-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:zeromq-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:zeromq-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n 
script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libzmq5-4.2.3-lp151.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libzmq5-debuginfo-4.2.3-lp151.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"zeromq-debugsource-4.2.3-lp151.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"zeromq-devel-4.2.3-lp151.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"zeromq-tools-4.2.3-lp151.5.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"zeromq-tools-debuginfo-4.2.3-lp151.5.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libzmq5 / libzmq5-debuginfo / zeromq-debugsource / zeromq-devel / etc\");\n}\n", "cvss": 
{"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:50:01", "description": "An update of the zeromq package has been released.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 1.0: Zeromq PHSA-2019-1.0-0245", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:zeromq", "cpe:/o:vmware:photonos:1.0"], "id": "PHOTONOS_PHSA-2019-1_0-0245_ZEROMQ.NASL", "href": "https://www.tenable.com/plugins/nessus/128167", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-1.0-0245. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128167);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"Photon OS 1.0: Zeromq PHSA-2019-1.0-0245\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the zeromq package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-1.0-245.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", 
value:\"CVE-2019-13132\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:zeromq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:1.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 1\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 1.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"zeromq-4.1.4-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", reference:\"zeromq-debuginfo-4.1.4-2.ph1\")) flag++;\nif (rpm_check(release:\"PhotonOS-1.0\", 
reference:\"zeromq-devel-4.1.4-2.ph1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:52:48", "description": "An update of the zeromq package has been released.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-09-12T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Zeromq PHSA-2019-2.0-0171", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2019-12-30T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:zeromq", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0171_ZEROMQ.NASL", "href": "https://www.tenable.com/plugins/nessus/128723", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0171. 
The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128723);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/30\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"Photon OS 2.0: Zeromq PHSA-2019-2.0-0171\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the zeromq package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-171.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13132\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:zeromq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"zeromq-4.1.4-4.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"zeromq-debuginfo-4.1.4-4.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"zeromq-devel-4.1.4-4.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:48:48", "description": "An update of the zeromq package has been released.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Zeromq PHSA-2019-3.0-0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:zeromq", 
"cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_ZEROMQ.NASL", "href": "https://www.tenable.com/plugins/nessus/128162", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128162);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13132\");\n\n script_name(english:\"Photon OS 3.0: Zeromq PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the zeromq package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-13132\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:vmware:photonos:zeromq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"zeromq-4.2.3-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"zeromq-debuginfo-4.2.3-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"zeromq-devel-4.2.3-2.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T19:00:37", "description": "Security fix for CVE-2019-13132\n\nNote that Tenable Network Security 
has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-03T00:00:00", "type": "nessus", "title": "Fedora 29 : zeromq (2019-4d8f9a9235)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:zeromq", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-4D8F9A9235.NASL", "href": "https://www.tenable.com/plugins/nessus/129541", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-4d8f9a9235.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129541);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"FEDORA\", value:\"2019-4d8f9a9235\");\n\n script_name(english:\"Fedora 29 : zeromq (2019-4d8f9a9235)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-13132\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4d8f9a9235\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected zeromq package.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:zeromq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"zeromq-4.1.7-1.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:59:00", "description": "Security fix for CVE-2019-13132\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-03T00:00:00", "type": "nessus", "title": "Fedora 30 : zeromq (2019-8916b4e890)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:zeromq", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-8916B4E890.NASL", "href": "https://www.tenable.com/plugins/nessus/129543", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-8916b4e890.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129543);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n 
script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"FEDORA\", value:\"2019-8916b4e890\");\n\n script_name(english:\"Fedora 30 : zeromq (2019-8916b4e890)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-13132\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-8916b4e890\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected zeromq package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:zeromq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n 
script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"zeromq-4.3.2-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:59:51", "description": "Security fix for CVE-2019-13132\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": 
{"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-10-07T00:00:00", "type": "nessus", "title": "Fedora 31 : zeromq (2019-d20ce4d5a1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:zeromq", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-D20CE4D5A1.NASL", "href": "https://www.tenable.com/plugins/nessus/129649", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-d20ce4d5a1.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129649);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"FEDORA\", value:\"2019-d20ce4d5a1\");\n\n script_name(english:\"Fedora 31 : zeromq (2019-d20ce4d5a1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-13132\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-d20ce4d5a1\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected zeromq package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n 
script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:zeromq\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"zeromq-4.3.2-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"zeromq\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-05-30T18:48:48", "description": "The remote host is affected by the vulnerability described in GLSA-201908-17 (ZeroMQ: Arbitrary code execution)\n\n A buffer overflow was discovered in ZeroMQ.\n Impact :\n\n An attacker could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {"score": 9.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}, "published": "2019-08-20T00:00:00", "type": "nessus", "title": "GLSA-201908-17 : ZeroMQ: Arbitrary code execution", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-13132"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:zeromq", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201908-17.NASL", "href": "https://www.tenable.com/plugins/nessus/127966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201908-17.\n#\n# The advisory text is Copyright (C) 2001-2020 Gentoo Foundation, Inc.\n# and licensed under the Creative 
Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(127966);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-13132\");\n script_xref(name:\"GLSA\", value:\"201908-17\");\n\n script_name(english:\"GLSA-201908-17 : ZeroMQ: Arbitrary code execution\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201908-17\n(ZeroMQ: Arbitrary code execution)\n\n A buffer overflow was discovered in ZeroMQ.\n \nImpact :\n\n An attacker could possibly execute arbitrary code with the privileges of\n the process or cause a Denial of Service condition.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201908-17\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All ZeroMQ users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-libs/zeromq-4.3.2'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:zeromq\");\n script_set_attribute(attribute:\"cpe\", 
value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/07/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"net-libs/zeromq\", unaffected:make_list(\"ge 4.3.2\"), vulnerable:make_list(\"lt 4.3.2\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ZeroMQ\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-02T00:24:59", "description": "The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11115 advisory.\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference. 
(CVE-2019-8936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-04-15T00:00:00", "type": "nessus", "title": "Juniper Junos OS Vulnerability (JSA11115)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-04-15T00:00:00", "cpe": ["cpe:/o:juniper:junos"], "id": "JUNIPER_JSA11115.NASL", "href": "https://www.tenable.com/plugins/nessus/148664", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148664);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/15\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"JSA\", value:\"2014-07 Security Bulletin\");\n script_xref(name:\"JSA\", value:\"2017-05 Out of Cycle Security Bulletin\");\n script_xref(name:\"JSA\", value:\"2018-10 Security Bulletin\");\n script_xref(name:\"JSA\", value:\"2015-10 Out of Cycle Security Bulletin\");\n script_xref(name:\"JSA\", value:\"2017-04 Security Bulletin\");\n script_xref(name:\"JSA\", value:\"2021-04 Security Bulletin\");\n script_xref(name:\"JSA\", value:\"JSA11115\");\n\n script_name(english:\"Juniper Junos OS Vulnerability (JSA11115)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote device is missing a vendor-supplied security patch.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA11115\nadvisory.\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference. 
(CVE-2019-8936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA10613\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA10663\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA10898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA10711\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA10776\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA11171\");\n script_set_attribute(attribute:\"see_also\", value:\"https://kb.juniper.net/JSA11115\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the relevant Junos software release referenced in Juniper advisory JSA11115\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:juniper:junos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Junos Local Security Checks\");\n\n 
script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"junos_version.nasl\");\n script_require_keys(\"Host/Juniper/JUNOS/Version\", \"Host/Juniper/model\");\n\n exit(0);\n}\n\ninclude('junos.inc');\n\nmodel = get_kb_item_or_exit('Host/Juniper/model');\nif (model !~ \"^(EX|EX23|EX34|SRX)\")\n{\n audit(AUDIT_DEVICE_NOT_VULN, model);\n}\n\nver = get_kb_item_or_exit('Host/Juniper/JUNOS/Version');\n\nvuln_ranges = [\n {'min_ver':'15.1', 'fixed_ver':'15.1R7-S6'},\n {'min_ver':'16.1', 'fixed_ver':'16.1R7-S7'},\n {'min_ver':'16.2', 'fixed_ver':'16.2R2-S11'},\n {'min_ver':'17.1', 'fixed_ver':'17.1R2-S11'},\n {'min_ver':'17.2', 'fixed_ver':'17.2R1-S9'},\n {'min_ver':'17.3', 'fixed_ver':'17.3R2-S5'},\n {'min_ver':'17.4', 'fixed_ver':'17.4R2-S9'},\n {'min_ver':'18.1', 'fixed_ver':'18.1R3-S9'},\n {'min_ver':'18.2', 'fixed_ver':'18.2R2-S6'},\n {'min_ver':'18.3', 'fixed_ver':'18.3R1-S7'},\n {'min_ver':'18.4', 'fixed_ver':'18.4R1-S5'},\n {'min_ver':'19.1', 'fixed_ver':'19.1R1-S4'},\n {'min_ver':'19.2', 'fixed_ver':'19.2R1-S3'},\n {'min_ver':'19.3', 'fixed_ver':'19.3R1-S1'}\n];\nif (model =~ '^EX')\n{\n append_element(var:vuln_ranges, value:{'min_ver':'12.3', 'fixed_ver':'12.3R12-S15'});\n append_element(var:vuln_ranges, value:{'min_ver':'14.1X53', 'fixed_ver':'14.1X53-D140'});\n}\nif (model =~ '^SRX')\n{\n append_element(var:vuln_ranges, value:{'min_ver':'12.3X48', 'fixed_ver':'12.3X48-D95'});\n append_element(var:vuln_ranges, value:{'min_ver':'15.1X49', 'fixed_ver':'15.1X49-D200'});\n}\nif (model =~ '^(EX23|EX34)')\n{\n append_element(var:vuln_ranges, value:{'min_ver':'15.1X53', 'fixed_ver':'15.1X53-D593'});\n}\n\nfix = junos_compare_range(target_version:ver, vuln_ranges:vuln_ranges);\nif (empty_or_null(fix)) audit(AUDIT_INST_VER_NOT_VULN, 'Junos OS', ver);\nreport = get_report(ver:ver, fix:fix);\nsecurity_report_v4(severity:SECURITY_WARNING, port:0, extra:report);\n", "cvss": {"score": 5, 
"vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-12-02T00:25:02", "description": "The remote Ubuntu 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in the USN-4563-2 advisory.\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference. (CVE-2019-8936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2021-04-20T00:00:00", "type": "nessus", "title": "Ubuntu 20.04 LTS / 20.10 : NTP vulnerability (USN-4563-2)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-04-20T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:ntp", "p-cpe:/a:canonical:ubuntu_linux:ntpdate", "p-cpe:/a:canonical:ubuntu_linux:sntp"], "id": "UBUNTU_USN-4563-2.NASL", "href": "https://www.tenable.com/plugins/nessus/148842", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4563-2. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. 
Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(148842);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/20\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"USN\", value:\"4563-2\");\n\n script_name(english:\"Ubuntu 20.04 LTS / 20.10 : NTP vulnerability (USN-4563-2)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 20.04 LTS / 20.10 host has packages installed that are affected by a vulnerability as referenced in\nthe USN-4563-2 advisory.\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference. (CVE-2019-8936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4563-2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp, ntpdate and / or sntp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/01\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/04/20\");\n\n 
script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:sntp\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021 Canonical, Inc. / NASL script (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! 
get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '20.04', 'pkgname': 'ntp', 'pkgver': '1:4.2.8p12+dfsg-3ubuntu4.20.04.1'},\n {'osver': '20.04', 'pkgname': 'ntpdate', 'pkgver': '1:4.2.8p12+dfsg-3ubuntu4.20.04.1'},\n {'osver': '20.04', 'pkgname': 'sntp', 'pkgver': '1:4.2.8p12+dfsg-3ubuntu4.20.04.1'},\n {'osver': '20.10', 'pkgname': 'ntp', 'pkgver': '1:4.2.8p12+dfsg-3ubuntu4.20.10.1'},\n {'osver': '20.10', 'pkgname': 'ntpdate', 'pkgver': '1:4.2.8p12+dfsg-3ubuntu4.20.10.1'},\n {'osver': '20.10', 'pkgname': 'sntp', 'pkgver': '1:4.2.8p12+dfsg-3ubuntu4.20.10.1'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ntp / ntpdate / sntp');\n}", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:34", "description": "Security fix for CVE-2019-8936\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-02T00:00:00", "type": "nessus", "title": "Fedora 30 : ntp (2019-b0c7f0d94a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2020-01-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:ntp", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-B0C7F0D94A.NASL", "href": "https://www.tenable.com/plugins/nessus/124532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b0c7f0d94a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124532);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"FEDORA\", value:\"2019-b0c7f0d94a\");\n\n script_name(english:\"Fedora 30 : ntp (2019-b0c7f0d94a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-8936\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b0c7f0d94a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"ntp-4.2.8p13-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:20:58", "description": "An update of the ntp package has been released.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-08-26T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Ntp PHSA-2019-3.0-0024", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2020-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:ntp", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_NTP.NASL", "href": "https://www.tenable.com/plugins/nessus/128156", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. 
The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128156);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"Photon OS 3.0: Ntp PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the ntp package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by 
Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"ntp-4.2.8p13-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"ntp-debuginfo-4.2.8p13-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"ntp-perl-4.2.8p13-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:28:09", "description": "New ntp packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix a security issue.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-11T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : ntp (SSA:2019-067-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": 
"2020-04-24T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:ntp", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-067-01.NASL", "href": "https://www.tenable.com/plugins/nessus/122740", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-067-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122740);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"SSA\", value:\"2019-067-01\");\n script_xref(name:\"IAVA\", value:\"2019-A-0078-S\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : ntp (SSA:2019-067-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New ntp packages are available for Slackware 14.0, 14.1, 14.2, and\n-current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.435412\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?edc2c457\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"ntp\", pkgver:\"4.2.8p13\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, 
extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:22:44", "description": "NTP has a NULL pointer dereference attack in an authenticated mode 6 packet. (CVE-2019-8936)", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-21T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ntp (ALAS-2019-1206)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2020-01-15T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ntp", "p-cpe:/a:amazon:linux:ntp-debuginfo", "p-cpe:/a:amazon:linux:ntp-doc", "p-cpe:/a:amazon:linux:ntp-perl", "p-cpe:/a:amazon:linux:ntpdate", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1206.NASL", "href": "https://www.tenable.com/plugins/nessus/125292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1206.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125292);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"ALAS\", value:\"2019-1206\");\n\n script_name(english:\"Amazon Linux AMI : ntp (ALAS-2019-1206)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NTP has a NULL pointer dereference attack in an authenticated mode 6\npacket. 
(CVE-2019-8936)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1206.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ntp' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ntp-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntp-debuginfo-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntp-doc-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntp-perl-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntpdate-4.2.8p12-1.41.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp / ntp-debuginfo / ntp-doc / ntp-perl / ntpdate\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:21:33", "description": "According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability 
:\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-07-25T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : ntp (EulerOS-SA-2019-1769)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ntp", "p-cpe:/a:huawei:euleros:ntpdate", "p-cpe:/a:huawei:euleros:sntp", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1769.NASL", "href": "https://www.tenable.com/plugins/nessus/127006", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(127006);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-8936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : ntp (EulerOS-SA-2019-1769)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ntp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer\n Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1769\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?26b51333\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/07/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ntp-4.2.8p12-1.h3.eulerosv2r8\",\n \"ntpdate-4.2.8p12-1.h3.eulerosv2r8\",\n \"sntp-4.2.8p12-1.h3.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:19:36", "description": "According to the version of the ntp packages installed, the 
EulerOS installation on the remote host is affected by the following vulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : ntp (EulerOS-SA-2019-1860)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ntp", "p-cpe:/a:huawei:euleros:ntpdate", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1860.NASL", "href": "https://www.tenable.com/plugins/nessus/128912", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128912);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-8936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ntp (EulerOS-SA-2019-1860)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ntp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer\n Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1860\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?70b7ce72\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ntp-4.2.6p5-25.1.h18\",\n \"ntpdate-4.2.6p5-25.1.h18\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:19:36", "description": "According to the version of the ntp packages installed, the EulerOS installation on the 
remote host is affected by the following vulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-16T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ntp (EulerOS-SA-2019-1878)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ntp", "p-cpe:/a:huawei:euleros:ntpdate", "p-cpe:/a:huawei:euleros:sntp", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-1878.NASL", "href": "https://www.tenable.com/plugins/nessus/128801", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128801);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-8936\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : ntp (EulerOS-SA-2019-1878)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ntp packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer\n Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. 
Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1878\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4246aeee\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ntp-4.2.6p5-28.h9.eulerosv2r7\",\n \"ntpdate-4.2.6p5-28.h9.eulerosv2r7\",\n \"sntp-4.2.6p5-28.h9.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:22:38", "description": "According to the version of the 
ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1356)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ntp", "p-cpe:/a:huawei:euleros:ntpdate", "p-cpe:/a:huawei:euleros:sntp", "cpe:/o:huawei:euleros:uvp:2.5.3"], "id": "EULEROS_SA-2019-1356.NASL", "href": "https://www.tenable.com/plugins/nessus/124734", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(124734);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-8936\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1356)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ntp packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer\n Dereference.i1/4^CVE-2019-8936i1/4%0\n\nNote that Tenable Network Security 
has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1356\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4a03202c\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.3\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.3\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.3\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ntp-4.2.6p5-25.0.1.h20\",\n \"ntpdate-4.2.6p5-25.0.1.h20\",\n \"sntp-4.2.6p5-25.0.1.h20\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:28:17", "description": "Network Time Foundation reports :\n\nA crafted malicious authenticated mode 6 (ntpq) packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd.\n\nNote that for this attack to work, the sending system must be on an address that the target's ntpd accepts mode 6 packets from, and must 
use a private key that is specifically listed as being used for mode 6 authorization.\n\nImpact: The ntpd daemon can crash due to the NULL pointer dereference, causing a denial of service.\n\nMitigation :\n\n- Use restrict noquery to limit addresses that can send mode 6 queries.\n\n- Limit access to the private controlkey in ntp.keys.\n\n- Upgrade to 4.2.8p13, or later.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-08T00:00:00", "type": "nessus", "title": "FreeBSD : ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet (c2576e14-36e2-11e9-9eda-206a8a720317)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2020-04-24T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ntp", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C2576E1436E211E99EDA206A8A720317.NASL", "href": "https://www.tenable.com/plugins/nessus/122685", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. 
Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122685);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"FreeBSD\", value:\"SA-19:04.ntp\");\n script_xref(name:\"IAVA\", value:\"2019-A-0078-S\");\n\n script_name(english:\"FreeBSD : ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet (c2576e14-36e2-11e9-9eda-206a8a720317)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Network Time Foundation reports :\n\nA crafted malicious authenticated mode 6 (ntpq) packet 
from a\npermitted network address can trigger a NULL pointer dereference,\ncrashing ntpd.\n\nNote that for this attack to work, the sending system must be on an\naddress that the target's ntpd accepts mode 6 packets from, and must\nuse a private key that is specifically listed as being used for mode 6\nauthorization.\n\nImpact: The ntpd daemon can crash due to the NULL pointer dereference,\ncausing a denial of service.\n\nMitigation :\n\n- Use restrict noquery to limit addresses that can send mode 6\nqueries.\n\n- Limit access to the private controlkey in ntp.keys.\n\n- Upgrade to 4.2.8p13, or later.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://bugs.ntp.org/3565\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8936\"\n );\n # https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:N/AC:H/Au:M/C:N/I:N/A:C)\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?94fd2724\"\n );\n # https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:N/A:H\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1e53a476\"\n );\n # https://vuxml.freebsd.org/freebsd/c2576e14-36e2-11e9-9eda-206a8a720317.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7ffe46b7\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", 
value:\"p-cpe:/a:freebsd:freebsd:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/01/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ntp<4.2.8p13\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:55", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed: Fixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed 
spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-28T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : ntp (SUSE-SU-2019:0777-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ntp", "p-cpe:/a:novell:suse_linux:ntp-debuginfo", "p-cpe:/a:novell:suse_linux:ntp-debugsource", "p-cpe:/a:novell:suse_linux:ntp-doc", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-0777-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123451", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0777-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123451);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : ntp (SUSE-SU-2019:0777-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception 
which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Fixed several bugs in the BANCOMM reclock\ndriver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190777-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7b5a69fe\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-777=1\n\nSUSE Linux Enterprise Module for Legacy Software 15:zypper in -t patch\nSUSE-SLE-Module-Legacy-15-2019-777=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are 
available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntp-4.2.8p13-4.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntp-debuginfo-4.2.8p13-4.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntp-debugsource-4.2.8p13-4.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"ntp-doc-4.2.8p13-4.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntp-debuginfo-4.2.8p13-4.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntp-debugsource-4.2.8p13-4.6.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"ntp-doc-4.2.8p13-4.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:46", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an 
authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed: Fixed an issue which caused openSSL mismatch (bsc#1125401)\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-29T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2019:0789-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-13T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ntp", "p-cpe:/a:novell:suse_linux:ntp-debuginfo", "p-cpe:/a:novell:suse_linux:ntp-debugsource", "p-cpe:/a:novell:suse_linux:ntp-doc", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0789-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123500", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0789-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123500);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2019:0789-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n 
attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther isses addressed: Fixed an issue which caused openSSL mismatch\n(bsc#1125401)\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190789-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7aeff43\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-789=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t 
patch\nSUSE-SLE-SAP-12-SP2-2019-789=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-789=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-789=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-789=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-789=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. 
It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! 
preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", 
cpu:\"x86_64\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:28:18", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed: Fixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2020-01-27T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ntp", "p-cpe:/a:novell:suse_linux:ntp-debuginfo", "p-cpe:/a:novell:suse_linux:ntp-debugsource", "p-cpe:/a:novell:suse_linux:ntp-doc", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-0775-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123449", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0775-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123449);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/27\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Fixed several bugs in the BANCOMM reclock\ndriver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval 
in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190775-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdf1ec04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2019-775=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n 
script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! 
preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-4.2.8p13-46.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-debuginfo-4.2.8p13-46.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-debugsource-4.2.8p13-46.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-doc-4.2.8p13-46.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:55", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed: Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182).\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. 
Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-28T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ntp", "p-cpe:/a:novell:suse_linux:ntp-doc", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-13991-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:13991-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123454);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Make sure that SLE12 version is higher than\nthe one in SLE11 (bsc#1001182).\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed 
STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-201913991-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?80312181\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ntp-13991=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ntp-13991=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n 
script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! 
preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ntp-4.2.8p13-64.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ntp-doc-4.2.8p13-64.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:34", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed:\n\n - CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed :\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-04-05T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ntp (openSUSE-2019-1143)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ntp", "p-cpe:/a:novell:opensuse:ntp-debuginfo", "p-cpe:/a:novell:opensuse:ntp-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/123773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, 
Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1143.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123773);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"openSUSE Security Update : ntp (openSUSE-2019-1143)\");\n script_summary(english:\"Check for the openSUSE-2019-1143 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed: 	 \n\n - CVE-2019-8936: Fixed a NULL pointer exception which\n could allow an authenticated attcker to cause\n segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed :\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntp-4.2.8p13-lp150.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntp-debuginfo-4.2.8p13-lp150.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntp-debugsource-4.2.8p13-lp150.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp / ntp-debuginfo / ntp-debugsource\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-08-19T12:27:17", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed:\n\n - CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attacker to cause segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed :\n\n - Fixed an issue which caused openSSL mismatch (bsc#1125401)\n\n - Fixed 
several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update project.", "cvss3": {"score": 7.5, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-04-08T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ntp (openSUSE-2019-1158)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-8936"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ntp", "p-cpe:/a:novell:opensuse:ntp-debuginfo", "p-cpe:/a:novell:opensuse:ntp-debugsource", "cpe:/o:novell:opensuse:42.3"], "id": "OPENSUSE-2019-1158.NASL", "href": "https://www.tenable.com/plugins/nessus/123813", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1158.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123813);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"openSUSE Security Update : ntp (openSUSE-2019-1158)\");\n script_summary(english:\"Check for the openSUSE-2019-1158 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed: 	 \n\n - CVE-2019-8936: Fixed a NULL pointer exception which\n could allow an 
authenticated attcker to cause\n segmentation fault to ntpd (bsc#1128525).\n\nOther isses addressed :\n\n - Fixed an issue which caused openSSL mismatch\n (bsc#1125401)\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1125401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/08\");\n 
script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntp-4.2.8p13-31.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntp-debuginfo-4.2.8p13-31.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntp-debugsource-4.2.8p13-31.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp / ntp-debuginfo / ntp-debugsource\");\n}\n", "cvss": {"score": 5, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2022-03-26T13:16:32", "description": "- -------------------------------------------------------------------------\nDebian 
Security Advisory DSA-4480-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nJuly 11, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : redis\nCVE ID : CVE-2019-10192 CVE-2019-10193\n\nMultiple vulnerabilities were discovered in the HyperLogLog implementation\nof Redis, a persistent key-value database, which could result in denial\nof service or potentially the execution of arbitrary code.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 3:3.2.6-3+deb9u3.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 5:5.0.3-4+deb10u1.\n\nWe recommend that you upgrade your redis packages.\n\nFor the detailed security status of redis please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/redis\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-11T20:59:49", "type": "debian", "title": "[SECURITY] [DSA 4480-1] redis security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", 
"baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2019-07-11T20:59:49", "id": "DEBIAN:DSA-4480-1:6E38A", "href": "https://lists.debian.org/debian-security-announce/2019/msg00128.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-26T19:33:24", "description": "Package : libxslt\nVersion : 1.1.28-2+deb8u5\nCVE ID : CVE-2016-4609 CVE-2016-4610 CVE-2019-13117\n \t\t CVE-2019-13118\nDebian Bug : 932321 932320\n\nSeveral vulnerabilities were found in libxslt the XSLT 1.0 processing\nlibrary.\n\nCVE-2016-4610\n\n Invalid memory access leading to DoS at exsltDynMapFunction. libxslt\n allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n\nCVE-2016-4609\n\n Out-of-bounds read at xmlGetLineNoInternal()\n libxslt allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n\nCVE-2019-13117\n\n An xsl:number with certain format strings could lead to an\n uninitialized read in xsltNumberFormatInsertNumbers. 
This could\n allow an attacker to discern whether a byte on the stack contains\n the characters A, a, I, i, or 0, or any other character.\n\nCVE-2019-13118\n\n A type holding grouping characters of an xsl:number instruction was\n too narrow and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.\n\nFor Debian 8 \"Jessie\", these problems have been fixed in version\n1.1.28-2+deb8u5.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-22T16:16:47", "type": "debian", "title": "[SECURITY] [DLA 1860-1] libxslt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4609", "CVE-2016-4610", "CVE-2019-13117", "CVE-2019-13118"], "modified": "2019-07-22T16:16:47", "id": "DEBIAN:DLA-1860-1:DBF7E", "href": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html", 
"cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:48:14", "description": "Package : libxslt\nVersion : 1.1.28-2+deb8u5\nCVE ID : CVE-2016-4609 CVE-2016-4610 CVE-2019-13117\n \t\t CVE-2019-13118\nDebian Bug : 932321 932320\n\nSeveral vulnerabilities were found in libxslt the XSLT 1.0 processing\nlibrary.\n\nCVE-2016-4610\n\n Invalid memory access leading to DoS at exsltDynMapFunction. libxslt\n allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n\nCVE-2016-4609\n\n Out-of-bounds read at xmlGetLineNoInternal()\n libxslt allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n\nCVE-2019-13117\n\n An xsl:number with certain format strings could lead to an\n uninitialized read in xsltNumberFormatInsertNumbers. This could\n allow an attacker to discern whether a byte on the stack contains\n the characters A, a, I, i, or 0, or any other character.\n\nCVE-2019-13118\n\n A type holding grouping characters of an xsl:number instruction was\n too narrow and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.\n\nFor Debian 8 \"Jessie\", these problems have been fixed in version\n1.1.28-2+deb8u5.\n\nWe recommend that you upgrade your libxslt packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", 
"userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-07-22T16:16:47", "type": "debian", "title": "[SECURITY] [DLA 1860-1] libxslt security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4609", "CVE-2016-4610", "CVE-2019-13117", "CVE-2019-13118"], "modified": "2019-07-22T16:16:47", "id": "DEBIAN:DLA-1860-1:B68F6", "href": "https://lists.debian.org/debian-lts-announce/2019/07/msg00020.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-22T12:48:38", "description": "Package : redis\nVersion : 2:2.8.17-1+deb8u7\nCVE ID : CVE-2019-10192\nDebian Bug : #931625\n\nIt was discovered that there were two heap buffer overflows in the\nHyperloglog functionality provided by the Redis in-memory key-value\ndatabase.\n\nFor Debian 8 \"Jessie\", these issues have been fixed in redis version\n2:2.8.17-1+deb8u7.\n\nWe recommend that you upgrade your redis packages.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. 
`'` lamby@debian.org / chris-lamb.co.uk\n `-", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-10T13:45:53", "type": "debian", "title": "[SECURITY] [DLA 1850-1] redis security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10192"], "modified": "2019-07-10T13:45:53", "id": "DEBIAN:DLA-1850-1:12B5C", "href": "https://lists.debian.org/debian-lts-announce/2019/07/msg00009.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-12-06T03:24:12", "description": "Package : redis\nVersion : 2:2.8.17-1+deb8u7\nCVE ID : CVE-2019-10192\nDebian Bug : #931625\n\nIt was discovered that there were two heap buffer overflows in the\nHyperloglog functionality provided by the Redis in-memory key-value\ndatabase.\n\nFor Debian 8 \"Jessie\", these issues have been fixed in redis version\n2:2.8.17-1+deb8u7.\n\nWe recommend that you upgrade your redis packages.\n\n\nRegards,\n\n- -- \n ,''`.\n : :' : Chris Lamb\n `. 
`'` lamby@debian.org / chris-lamb.co.uk\n `-", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-07-10T13:45:53", "type": "debian", "title": "[SECURITY] [DLA 1850-1] redis security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10192"], "modified": "2019-07-10T13:45:53", "id": "DEBIAN:DLA-1850-1:DB10C", "href": "https://lists.debian.org/debian-lts-announce/2019/07/msg00009.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-03-26T13:16:41", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4477-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJuly 08, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : zeromq3\nCVE ID : CVE-2019-13132\n\nFang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a\nlightweight messaging kernel library. 
A remote, unauthenticated client\nconnecting to an application using the libzmq library, running with a\nsocket listening with CURVE encryption/authentication enabled, can take\nadvantage of this flaw to cause a denial of service or the execution of\narbitrary code.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 4.2.1-4+deb9u2.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.3.1-4+deb10u1.\n\nWe recommend that you upgrade your zeromq3 packages.\n\nFor the detailed security status of zeromq3 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/zeromq3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-08T16:13:55", "type": "debian", "title": "[SECURITY] [DSA 4477-1] zeromq3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": 
["CVE-2019-13132"], "modified": "2019-07-08T16:13:55", "id": "DEBIAN:DSA-4477-1:C1A86", "href": "https://lists.debian.org/debian-security-announce/2019/msg00125.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T18:40:41", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4477-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJuly 08, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : zeromq3\nCVE ID : CVE-2019-13132\n\nFang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a\nlightweight messaging kernel library. A remote, unauthenticated client\nconnecting to an application using the libzmq library, running with a\nsocket listening with CURVE encryption/authentication enabled, can take\nadvantage of this flaw to cause a denial of service or the execution of\narbitrary code.\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 4.2.1-4+deb9u2.\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.3.1-4+deb10u1.\n\nWe recommend that you upgrade your zeromq3 packages.\n\nFor the detailed security status of zeromq3 please refer to its security\ntracker page at:\nhttps://security-tracker.debian.org/tracker/zeromq3\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": 
"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-08T16:13:55", "type": "debian", "title": "[SECURITY] [DSA 4477-1] zeromq3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13132"], "modified": "2019-07-08T16:13:55", "id": "DEBIAN:DSA-4477-1:5B2C0", "href": "https://lists.debian.org/debian-security-announce/2019/msg00125.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-12-18T03:38:17", "description": "Package : zeromq3\nVersion : 4.0.5+dfsg-2+deb8u2\nCVE ID : CVE-2019-13132\n\n\nFang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a\nlightweight messaging kernel library. 
A remote, unauthenticated client\nconnecting to an application using the libzmq library, running with a\nsocket listening with CURVE encryption/authentication enabled, can take\nadvantage of this flaw to cause a denial of service or the execution of\narbitrary code.\n\n\nFor Debian 8 \"Jessie\", this problem has been fixed in version\n4.0.5+dfsg-2+deb8u2.\n\nWe recommend that you upgrade your zeromq3 packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-07-08T17:05:18", "type": "debian", "title": "[SECURITY] [DLA 1849-1] zeromq3 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13132"], "modified": "2019-07-08T17:05:18", "id": "DEBIAN:DLA-1849-1:F1C41", "href": "https://lists.debian.org/debian-lts-announce/2019/07/msg00007.html", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "osv": [{"lastseen": "2022-08-10T07:10:11", "description": "\nMultiple vulnerabilities were 
discovered in the HyperLogLog implementation\nof Redis, a persistent key-value database, which could result in denial\nof service or potentially the execution of arbitrary code.\n\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 3:3.2.6-3+deb9u3.\n\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 5:5.0.3-4+deb10u1.\n\n\nWe recommend that you upgrade your redis packages.\n\n\nFor the detailed security status of redis please refer to\nits security tracker page at:\n[\\\nhttps://security-tracker.debian.org/tracker/redis](https://security-tracker.debian.org/tracker/redis)\n\n\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-11T00:00:00", "type": "osv", "title": "redis - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2022-08-10T07:09:14", "id": "OSV:DSA-4480-1", "href": "https://osv.dev/vulnerability/DSA-4480-1", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:18:26", "description": "\nSeveral vulnerabilities 
were found in libxslt the XSLT 1.0 processing\nlibrary.\n\n\n* [CVE-2016-4610](https://security-tracker.debian.org/tracker/CVE-2016-4610)\nInvalid memory access leading to DoS at exsltDynMapFunction. libxslt\n allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n* [CVE-2016-4609](https://security-tracker.debian.org/tracker/CVE-2016-4609)\nOut-of-bounds read at xmlGetLineNoInternal()\n libxslt allows remote attackers to cause a denial of service (memory\n corruption) or possibly have unspecified other impact via unknown\n vectors.\n* [CVE-2019-13117](https://security-tracker.debian.org/tracker/CVE-2019-13117)\nAn xsl:number with certain format strings could lead to an\n uninitialized read in xsltNumberFormatInsertNumbers. This could\n allow an attacker to discern whether a byte on the stack contains\n the characters A, a, I, i, or 0, or any other character.\n* [CVE-2019-13118](https://security-tracker.debian.org/tracker/CVE-2019-13118)\nA type holding grouping characters of an xsl:number instruction was\n too narrow and an invalid character/length combination could be\n passed to xsltNumberFormatDecimal, leading to a read of\n uninitialized stack data.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n1.1.28-2+deb8u5.\n\n\nWe recommend that you upgrade your libxslt packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, 
"impactScore": 5.9}, "published": "2019-07-22T00:00:00", "type": "osv", "title": "libxslt - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-4609", "CVE-2016-4610", "CVE-2019-13117", "CVE-2019-13118"], "modified": "2022-07-21T05:52:44", "id": "OSV:DLA-1860-1", "href": "https://osv.dev/vulnerability/DLA-1860-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-08-05T05:18:33", "description": "\nIt was discovered that there were two heap buffer overflows in the\nHyperloglog functionality provided by the Redis in-memory key-value\ndatabase.\n\n\n* [CVE-2019-10192](https://security-tracker.debian.org/tracker/CVE-2019-10192)\nHeap buffer overflow.\n\n\nFor Debian 8 Jessie, these problems have been fixed in version\n2:2.8.17-1+deb8u7.\n\n\nWe recommend that you upgrade your redis packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "baseScore": 7.2, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-10T00:00:00", 
"type": "osv", "title": "redis - security update", "bulletinFamily": "software", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10192"], "modified": "2022-08-05T05:18:31", "id": "OSV:DLA-1850-1", "href": "https://osv.dev/vulnerability/DLA-1850-1", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2022-08-10T07:14:42", "description": "\nFang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a\nlightweight messaging kernel library. A remote, unauthenticated client\nconnecting to an application using the libzmq library, running with a\nsocket listening with CURVE encryption/authentication enabled, can take\nadvantage of this flaw to cause a denial of service or the execution of\narbitrary code.\n\n\nFor the oldstable distribution (stretch), this problem has been fixed\nin version 4.2.1-4+deb9u2.\n\n\nFor the stable distribution (buster), this problem has been fixed in\nversion 4.3.1-4+deb10u1.\n\n\nWe recommend that you upgrade your zeromq3 packages.\n\n\nFor the detailed security status of zeromq3 please refer to its security\ntracker page at:\n<https://security-tracker.debian.org/tracker/zeromq3>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", 
"version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-08T00:00:00", "type": "osv", "title": "zeromq3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13132"], "modified": "2022-08-10T07:14:38", "id": "OSV:DSA-4477-1", "href": "https://osv.dev/vulnerability/DSA-4477-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2022-07-21T08:18:26", "description": "\nFang-Pen Lin discovered a stack-based buffer-overflow flaw in ZeroMQ, a\nlightweight messaging kernel library. 
A remote, unauthenticated client\nconnecting to an application using the libzmq library, running with a\nsocket listening with CURVE encryption/authentication enabled, can take\nadvantage of this flaw to cause a denial of service or the execution of\narbitrary code.\n\n\nFor Debian 8 Jessie, this problem has been fixed in version\n4.0.5+dfsg-2+deb8u2.\n\n\nWe recommend that you upgrade your zeromq3 packages.\n\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: <https://wiki.debian.org/LTS>\n\n\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-07-08T00:00:00", "type": "osv", "title": "zeromq3 - security update", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13132"], "modified": "2022-07-21T05:52:43", "id": "OSV:DLA-1849-1", "href": "https://osv.dev/vulnerability/DLA-1849-1", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "checkpoint_advisories": [{"lastseen": "2021-12-17T11:15:12", "description": "A buffer overflow vulnerability exists in Redis. 
Successful exploitation of this vulnerability could result in the execution of arbitrary code on the affected system.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-02-05T00:00:00", "type": "checkpoint_advisories", "title": "Redis Buffer Overflow (CVE-2019-10192; CVE-2019-10193)", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10192", "CVE-2019-10193"], "modified": "2020-05-18T00:00:00", "id": "CPAI-2019-1669", "href": "", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2021-12-17T11:19:12", "description": "A buffer overflow vulnerability exists in ZeroMQ libzmq. 
Successful exploitation of this vulnerability could allow the execution of arbitrary code on the target machine.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2019-09-18T00:00:00", "type": "checkpoint_advisories", "title": "ZeroMQ libzmq Buffer Overflow (CVE-2019-13132)", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-13132"], "modified": "2020-02-10T00:00:00", "id": "CPAI-2019-0908", "href": "", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2021-11-26T22:40:24", "description": "Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. 
You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log.\n\nSecurity Fix(es):\n\n* redis: Heap buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10192)\n\n* redis: Stack buffer overflow in HyperLogLog triggered by malicious client (CVE-2019-10193)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 1.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 7.2, "privilegesRequired": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-08-07T10:40:54", "type": "redhat", "title": "(RHSA-2019:2002) Important: redis:5 security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDI