{"photon": [{"lastseen": "2023-05-30T15:04:11", "description": "Updates of ['linux-aws', 'rsyslog', 'tcpdump', 'yarn', 'linux', 'libpcap', 'linux-secure', 'linux-esx'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-15T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-3.0-0034", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-14821", "CVE-2019-14835", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15918", "CVE-2019-17040", "CVE-2019-19319", "CVE-2019-5448"], "modified": "2019-10-15T00:00:00", "id": "PHSA-2019-3.0-0034", "href": "https://github.com/vmware/photon/wiki/Security-Update-3.0-34", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-11-03T20:59:54", "description": "An update of {'python3', 'python2', 'subversion', 'rsyslog', 'tcpdump'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-10-15T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0182", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-11782", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-0203", "CVE-2019-15166", "CVE-2019-16935", "CVE-2019-17040"], "modified": "2019-10-15T00:00:00", "id": "PHSA-2019-2.0-0182", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-182", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-30T15:25:37", "description": "Updates of ['tcpdump', 'python3', 'rsyslog', 'python2', 'subversion'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-10-15T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0182", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-11782", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-0203", "CVE-2019-15166", "CVE-2019-16935", "CVE-2019-17040"], "modified": "2019-10-15T00:00:00", "id": "PHSA-2019-0182", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-182", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-30T15:44:54", "description": "Updates of ['file', 'git', 'python3', 'libndp', 'curl', 'haproxy', 'libpcap', 'linux', 'tcpdump', 'binutils', 'e2fsprogs', 'linux-esx', 'python2', 'polkit'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-13T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0255", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3698", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-1116", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-17456", "CVE-2018-18309", "CVE-2018-19486", "CVE-2018-20976", "CVE-2019-1010204", "CVE-2019-14821", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-16935", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17514", "CVE-2019-17666", "CVE-2019-18218", "CVE-2019-18277", "CVE-2019-18806", "CVE-2019-19523", "CVE-2019-19525", "CVE-2019-19528", "CVE-2019-5094", "CVE-2019-5481", "CVE-2019-5482"], "modified": "2019-11-13T00:00:00", "id": "PHSA-2019-0255", "href": "https://github.com/vmware/photon/wiki/Security-Update-1.0-255", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T17:49:49", "description": "An update of {'libndp', 'haproxy', 'libpcap', 'file', 'salt', 'python2', 'e2fsprogs', 'sysstat', 'linux-esx', 'git', 'tcpdump', 'curl', 'binutils', 'linux', 'python3', 'polkit'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-13T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-1.0-0255", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 6.5, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 8.3, "vectorString": "AV:A/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-3698", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-1116", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-15751", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-17456", "CVE-2018-18309", "CVE-2018-19486", "CVE-2018-20976", "CVE-2019-1010204", "CVE-2019-14821", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-16167", "CVE-2019-16935", "CVE-2019-17052", "CVE-2019-17053", "CVE-2019-17054", "CVE-2019-17055", "CVE-2019-17056", "CVE-2019-17514", "CVE-2019-17666", "CVE-2019-18218", "CVE-2019-18277", "CVE-2019-18806", "CVE-2019-19523", "CVE-2019-19525", "CVE-2019-19528", "CVE-2019-5094", "CVE-2019-5481", "CVE-2019-5482"], "modified": "2019-11-13T00:00:00", "id": "PHSA-2019-1.0-0255", "href": "https://github.com/vmware/photon/wiki/Security-Updates-1.0-255", "cvss": {"score": 8.3, "vector": "AV:A/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-11-03T20:59:48", "description": "An update of {'haproxy', 'etcd', 'file', 'libpcap', 'tar', 'python3', 'python2'} packages of Photon OS has been released.\n", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 9.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 5.9}, "published": "2019-11-14T00:00:00", "type": "photon", "title": "Home\nDownload Photon OS\nUser Documentation\nFAQ\nSecurity Advisories\nRelated Information\n\nLightwave - PHSA-2019-2.0-0187", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6321", "CVE-2018-16301", "CVE-2018-16886", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165", "CVE-2019-17514", "CVE-2019-18218", "CVE-2019-18277"], "modified": "2019-11-14T00:00:00", "id": "PHSA-2019-2.0-0187", "href": "https://github.com/vmware/photon/wiki/Security-Updates-2-187", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-05-29T15:25:23", "description": "Updates of ['file', 'etcd', 'python3', 'haproxy', 'tar', 'python2', 'libpcap'] packages of Photon OS have been released.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2019-11-14T00:00:00", "type": "photon", "title": "Critical Photon OS Security Update - PHSA-2019-0187", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2016-6321", "CVE-2018-16301", "CVE-2018-16886", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165", "CVE-2019-17514", "CVE-2019-18218", "CVE-2019-18277"], "modified": "2019-11-14T00:00:00", "id": "PHSA-2019-0187", "href": "https://github.com/vmware/photon/wiki/Security-Update-2.0-187", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-24T14:30:19", "description": "An update of the tcpdump package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Tcpdump PHSA-2019-2.0-0182", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:tcpdump", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0182_TCPDUMP.NASL", "href": "https://www.tenable.com/plugins/nessus/130118", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0182. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130118);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"Photon OS 2.0: Tcpdump PHSA-2019-2.0-0182\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the tcpdump package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-182.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15166\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"tcpdump-4.9.3-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"tcpdump-debuginfo-4.9.3-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:20", "description": "An update of the tcpdump package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Tcpdump PHSA-2019-3.0-0034", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:tcpdump", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0034_TCPDUMP.NASL", "href": "https://www.tenable.com/plugins/nessus/130122", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0034. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130122);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"Photon OS 3.0: Tcpdump PHSA-2019-3.0-0034\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the tcpdump package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0034.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15166\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"tcpdump-4.9.3-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"tcpdump-debuginfo-4.9.3-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:26:46", "description": "The remote NewStart CGSL host, running version MAIN 6.02, has tcpdump packages installed that are affected by multiple vulnerabilities:\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). (CVE-2018-14879)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-03-10T00:00:00", "type": "nessus", "title": "NewStart CGSL MAIN 6.02 : tcpdump Multiple Vulnerabilities (NS-SA-2021-0082)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-03-10T00:00:00", "cpe": [], "id": "NEWSTART_CGSL_NS-SA-2021-0082_TCPDUMP.NASL", "href": "https://www.tenable.com/plugins/nessus/147275", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from ZTE advisory NS-SA-2021-0082. The text\n# itself is copyright (C) ZTE, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147275);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/10\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"NewStart CGSL MAIN 6.02 : tcpdump Multiple Vulnerabilities (NS-SA-2021-0082)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote machine is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote NewStart CGSL host, running version MAIN 6.02, has tcpdump packages installed that are affected by multiple\nvulnerabilities:\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion. (CVE-2018-16300)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in\n tcpdump.c:get_next_file(). (CVE-2018-14879)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags\n subfield. (CVE-2018-16227)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-\n lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"http://security.gd-linux.com/notice/NS-SA-2021-0082\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the vulnerable CGSL tcpdump packages. Note that updated packages may not be available yet. Please contact ZTE\nfor more information.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10105\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"NewStart CGSL Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/ZTE-CGSL/release\", \"Host/ZTE-CGSL/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item('Host/ZTE-CGSL/release');\nif (isnull(release) || release !~ \"^CGSL (MAIN|CORE)\") audit(AUDIT_OS_NOT, 'NewStart Carrier Grade Server Linux');\n\nif (release !~ \"CGSL MAIN 6.02\")\n audit(AUDIT_OS_NOT, 'NewStart CGSL MAIN 6.02');\n\nif (!get_kb_item('Host/ZTE-CGSL/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'NewStart Carrier Grade Server Linux', cpu);\n\nflag = 0;\n\npkgs = {\n 'CGSL MAIN 6.02': [\n 'tcpdump-4.9.3-1.el8',\n 'tcpdump-debuginfo-4.9.3-1.el8',\n 'tcpdump-debugsource-4.9.3-1.el8'\n ]\n};\npkg_list = pkgs[release];\n\nforeach (pkg in pkg_list)\n if (rpm_check(release:'ZTE ' + release, reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:42", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144 64)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().(CVE-2018-16228)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-04-15T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : tcpdump (EulerOS-SA-2020-1437)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1437.NASL", "href": "https://www.tenable.com/plugins/nessus/135566", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135566);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : tcpdump (EulerOS-SA-2020-1437)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 1 of 2).(CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 2 of 2).(CVE-2018-10105)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\n before 4.9.3 lacks certain bounds\n checks.(CVE-2019-15166)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144\n 64)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer\n over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert().(CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before\n 4.9.3 has a buffer overflow in\n tcpdump.c:get_next_file().(CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a\n buffer over-read in print-802_11.c for the Mesh Flags\n subfield.(CVE-2018-16227)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI).(CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack\n consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer\n over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack\n exhaustion in smbutil.c:smb_fdata() via\n recursion.(CVE-2018-16452)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-hncp.c:print_prefix().(CVE-2018-16228)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1437\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7825f0c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.0-5.h179\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-19T14:12:39", "description": "The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2020-4760 advisory.\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). (CVE-2018-14879)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : tcpdump (ELSA-2020-4760)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2020-11-13T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:tcpdump"], "id": "ORACLELINUX_ELSA-2020-4760.NASL", "href": "https://www.tenable.com/plugins/nessus/142765", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-4760.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142765);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/13\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"Oracle Linux 8 : tcpdump (ELSA-2020-4760)\");\n script_summary(english:\"Checks the rpm output for the updated package\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nELSA-2020-4760 advisory.\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-\n lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert(). (CVE-2018-14466)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in\n tcpdump.c:get_next_file(). (CVE-2018-14879)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags\n subfield. (CVE-2018-16227)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion. (CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-4760.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10105\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:tcpdump\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\npkgs = [\n {'reference':'tcpdump-4.9.3-1.el8', 'cpu':'aarch64', 'release':'8', 'epoch':'14'},\n {'reference':'tcpdump-4.9.3-1.el8', 'cpu':'x86_64', 'release':'8', 'epoch':'14'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n rpm_prefix = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rpm_prefix'])) rpm_prefix = package_array['rpm_prefix'];\n if (reference && release) {\n if (rpm_prefix) {\n if (rpm_exists(release:release, rpm:rpm_prefix) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:59", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These security vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.\n\nFor Debian 8 'Jessie', these problems have been fixed in version 4.9.3-1~deb8u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-14T00:00:00", "type": "nessus", "title": "Debian DLA-1955-1 : tcpdump security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tcpdump", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-1955.NASL", "href": "https://www.tenable.com/plugins/nessus/129828", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-1955-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129828);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n\n script_name(english:\"Debian DLA-1955-1 : tcpdump security update\");\n script_summary(english:\"Checks dpkg output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These security vulnerabilities\nmight result in denial of service or, potentially, execution of\narbitrary code.\n\nFor Debian 8 'Jessie', these problems have been fixed in version\n4.9.3-1~deb8u1.\n\nWe recommend that you upgrade your tcpdump packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/tcpdump\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Upgrade the affected tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/14\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"tcpdump\", reference:\"4.9.3-1~deb8u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:04", "description": "Several vulnerabilities have been discovered in tcpdump, a command-line network traffic analyzer. These vulnerabilities might result in denial of service or, potentially, execution of arbitrary code.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Debian DSA-4547-1 : tcpdump - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:tcpdump", "cpe:/o:debian:debian_linux:10.0", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4547.NASL", "href": "https://www.tenable.com/plugins/nessus/130135", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4547. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130135);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n script_xref(name:\"DSA\", value:\"4547\");\n\n script_name(english:\"Debian DSA-4547-1 : tcpdump - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These vulnerabilities might\nresult in denial of service or, potentially, execution of arbitrary\ncode.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/tcpdump\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4547\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the tcpdump packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 4.9.3-1~deb9u1.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 4.9.3-1~deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"tcpdump\", reference:\"4.9.3-1~deb10u1\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"tcpdump\", reference:\"4.9.3-1~deb9u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-26T14:25:08", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:4760 advisory.\n\n - tcpdump: SMB data printing mishandled (CVE-2018-10103, CVE-2018-10105)\n\n - tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)\n\n - tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)\n\n - tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)\n\n - tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)\n\n - tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)\n\n - tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)\n\n - tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)\n\n - tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)\n\n - tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)\n\n - tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)\n\n - tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c (CVE-2018-14879)\n\n - tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)\n\n - tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)\n\n - tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)\n\n - tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)\n\n - tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)\n\n - tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)\n\n - tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)\n\n - tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)\n\n - tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)\n\n - tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)\n\n - tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2020-11-04T00:00:00", "type": "nessus", "title": "RHEL 8 : tcpdump (RHSA-2020:4760)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.4", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:tcpdump"], "id": "REDHAT-RHSA-2020-4760.NASL", "href": "https://www.tenable.com/plugins/nessus/142444", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4760. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(142444);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n script_xref(name:\"RHSA\", value:\"2020:4760\");\n\n script_name(english:\"RHEL 8 : tcpdump (RHSA-2020:4760)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4760 advisory.\n\n - tcpdump: SMB data printing mishandled (CVE-2018-10103, CVE-2018-10105)\n\n - tcpdump: Buffer over-read in ldp_tlv_print() function in print-ldp.c (CVE-2018-14461)\n\n - tcpdump: Buffer over-read in icmp_print() function in print-icmp.c (CVE-2018-14462)\n\n - tcpdump: Buffer over-read in vrrp_print() function in print-vrrp.c (CVE-2018-14463)\n\n - tcpdump: Buffer over-read in lmp_print_data_link_subobjs() function in print-lmp.c (CVE-2018-14464)\n\n - tcpdump: Buffer over-read in rsvp_obj_print() function in print-rsvp.c (CVE-2018-14465)\n\n - tcpdump: Buffer over-read in print-icmp6.c (CVE-2018-14466)\n\n - tcpdump: Buffer over-read in bgp_capabilities_print() in print-bgp.c (CVE-2018-14467)\n\n - tcpdump: Buffer over-read in mfr_print() function in print-fr.c (CVE-2018-14468)\n\n - tcpdump: Buffer over-read in ikev1_n_print() function in print-isakmp.c (CVE-2018-14469)\n\n - tcpdump: Buffer over-read in babel_print_v2() in print-babel.c (CVE-2018-14470)\n\n - tcpdump: Out of bounds read/write in in get_next_file() in tcpdump.c (CVE-2018-14879)\n\n - tcpdump: Buffer over-read in ospf6_print_lshdr() function in print-ospf6.c (CVE-2018-14880)\n\n - tcpdump: Buffer over-read in bgp_capabilities_print() function in print-bgp.c (CVE-2018-14881)\n\n - tcpdump: Buffer over-read in function rpl_dio_printopt in print-icmp6.c (CVE-2018-14882)\n\n - tcpdump: Buffer over-read in print-802_11.c (CVE-2018-16227)\n\n - tcpdump: Access to uninitialized buffer in print_prefix() function in print-hncp.c (CVE-2018-16228)\n\n - tcpdump: Buffer over-read in dccp_print_option() function in print-dccp.c (CVE-2018-16229)\n\n - tcpdump: Buffer over-read in bgp_attr_print() function in print-bgp.c (CVE-2018-16230)\n\n - tcpdump: Resource exhaustion in bgp_attr_print() function in print-bgp.c (CVE-2018-16300)\n\n - tcpdump: Buffer over-read in print_trans() function in print-smb.c (CVE-2018-16451)\n\n - tcpdump: Resource exhaustion in smb_fdata() funtion in smbutil.c (CVE-2018-16452)\n\n - tcpdump: Buffer overflow in lmp_print_data_link_subobjs() in print-lmp.c (CVE-2019-15166)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-10103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-10105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14464\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14469\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14470\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-14882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16227\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16228\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16230\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16451\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-16452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2019-15166\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4760\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760430\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760445\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760447\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760453\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760455\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760457\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760458\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760464\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760504\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760505\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760506\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760507\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760509\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760512\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760513\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760514\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760516\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760517\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760518\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760520\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10105\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 119, 125, 400, 665);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/11/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tcpdump\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.4/x86_64/appstream/debug',\n 'content/aus/rhel8/8.4/x86_64/appstream/os',\n 'content/aus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.4/x86_64/baseos/debug',\n 'content/aus/rhel8/8.4/x86_64/baseos/os',\n 'content/aus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/appstream/debug',\n 'content/e4s/rhel8/8.4/aarch64/appstream/os',\n 'content/e4s/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/aarch64/baseos/debug',\n 'content/e4s/rhel8/8.4/aarch64/baseos/os',\n 'content/e4s/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.4/ppc64le/sap/os',\n 'content/e4s/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/appstream/debug',\n 'content/e4s/rhel8/8.4/s390x/appstream/os',\n 'content/e4s/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/s390x/baseos/debug',\n 'content/e4s/rhel8/8.4/s390x/baseos/os',\n 'content/e4s/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.4/x86_64/appstream/os',\n 'content/e4s/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.4/x86_64/baseos/os',\n 'content/e4s/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/nfv/debug',\n 'content/e4s/rhel8/8.4/x86_64/nfv/os',\n 'content/e4s/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.4/x86_64/sap/debug',\n 'content/e4s/rhel8/8.4/x86_64/sap/os',\n 'content/e4s/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/appstream/debug',\n 'content/eus/rhel8/8.4/aarch64/appstream/os',\n 'content/eus/rhel8/8.4/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/baseos/debug',\n 'content/eus/rhel8/8.4/aarch64/baseos/os',\n 'content/eus/rhel8/8.4/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.4/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.4/aarch64/highavailability/os',\n 'content/eus/rhel8/8.4/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.4/aarch64/supplementary/os',\n 'content/eus/rhel8/8.4/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.4/ppc64le/appstream/os',\n 'content/eus/rhel8/8.4/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.4/ppc64le/baseos/os',\n 'content/eus/rhel8/8.4/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.4/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.4/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.4/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.4/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/sap/debug',\n 'content/eus/rhel8/8.4/ppc64le/sap/os',\n 'content/eus/rhel8/8.4/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.4/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/appstream/debug',\n 'content/eus/rhel8/8.4/s390x/appstream/os',\n 'content/eus/rhel8/8.4/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/baseos/debug',\n 'content/eus/rhel8/8.4/s390x/baseos/os',\n 'content/eus/rhel8/8.4/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.4/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/highavailability/debug',\n 'content/eus/rhel8/8.4/s390x/highavailability/os',\n 'content/eus/rhel8/8.4/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.4/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/sap/debug',\n 'content/eus/rhel8/8.4/s390x/sap/os',\n 'content/eus/rhel8/8.4/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/s390x/supplementary/debug',\n 'content/eus/rhel8/8.4/s390x/supplementary/os',\n 'content/eus/rhel8/8.4/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/appstream/debug',\n 'content/eus/rhel8/8.4/x86_64/appstream/os',\n 'content/eus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/baseos/debug',\n 'content/eus/rhel8/8.4/x86_64/baseos/os',\n 'content/eus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.4/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.4/x86_64/highavailability/os',\n 'content/eus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.4/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.4/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/sap/debug',\n 'content/eus/rhel8/8.4/x86_64/sap/os',\n 'content/eus/rhel8/8.4/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.4/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.4/x86_64/supplementary/os',\n 'content/eus/rhel8/8.4/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/appstream/debug',\n 'content/tus/rhel8/8.4/x86_64/appstream/os',\n 'content/tus/rhel8/8.4/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/baseos/debug',\n 'content/tus/rhel8/8.4/x86_64/baseos/os',\n 'content/tus/rhel8/8.4/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.4/x86_64/highavailability/os',\n 'content/tus/rhel8/8.4/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/nfv/debug',\n 'content/tus/rhel8/8.4/x86_64/nfv/os',\n 'content/tus/rhel8/8.4/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.4/x86_64/rt/debug',\n 'content/tus/rhel8/8.4/x86_64/rt/os',\n 'content/tus/rhel8/8.4/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'tcpdump-4.9.3-1.el8', 'sp':'4', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'14'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.6/x86_64/appstream/debug',\n 'content/aus/rhel8/8.6/x86_64/appstream/os',\n 'content/aus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.6/x86_64/baseos/debug',\n 'content/aus/rhel8/8.6/x86_64/baseos/os',\n 'content/aus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.6/ppc64le/sap/os',\n 'content/e4s/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.6/x86_64/appstream/os',\n 'content/e4s/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.6/x86_64/baseos/os',\n 'content/e4s/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.6/x86_64/sap/debug',\n 'content/e4s/rhel8/8.6/x86_64/sap/os',\n 'content/e4s/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/appstream/debug',\n 'content/eus/rhel8/8.6/aarch64/appstream/os',\n 'content/eus/rhel8/8.6/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/baseos/debug',\n 'content/eus/rhel8/8.6/aarch64/baseos/os',\n 'content/eus/rhel8/8.6/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.6/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.6/aarch64/highavailability/os',\n 'content/eus/rhel8/8.6/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.6/aarch64/supplementary/os',\n 'content/eus/rhel8/8.6/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.6/ppc64le/appstream/os',\n 'content/eus/rhel8/8.6/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.6/ppc64le/baseos/os',\n 'content/eus/rhel8/8.6/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.6/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.6/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.6/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.6/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/sap/debug',\n 'content/eus/rhel8/8.6/ppc64le/sap/os',\n 'content/eus/rhel8/8.6/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.6/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/appstream/debug',\n 'content/eus/rhel8/8.6/s390x/appstream/os',\n 'content/eus/rhel8/8.6/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/baseos/debug',\n 'content/eus/rhel8/8.6/s390x/baseos/os',\n 'content/eus/rhel8/8.6/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.6/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/highavailability/debug',\n 'content/eus/rhel8/8.6/s390x/highavailability/os',\n 'content/eus/rhel8/8.6/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.6/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/sap/debug',\n 'content/eus/rhel8/8.6/s390x/sap/os',\n 'content/eus/rhel8/8.6/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/s390x/supplementary/debug',\n 'content/eus/rhel8/8.6/s390x/supplementary/os',\n 'content/eus/rhel8/8.6/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/appstream/debug',\n 'content/eus/rhel8/8.6/x86_64/appstream/os',\n 'content/eus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/baseos/debug',\n 'content/eus/rhel8/8.6/x86_64/baseos/os',\n 'content/eus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.6/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.6/x86_64/highavailability/os',\n 'content/eus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.6/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.6/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/sap/debug',\n 'content/eus/rhel8/8.6/x86_64/sap/os',\n 'content/eus/rhel8/8.6/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.6/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.6/x86_64/supplementary/os',\n 'content/eus/rhel8/8.6/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/appstream/debug',\n 'content/tus/rhel8/8.6/x86_64/appstream/os',\n 'content/tus/rhel8/8.6/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/baseos/debug',\n 'content/tus/rhel8/8.6/x86_64/baseos/os',\n 'content/tus/rhel8/8.6/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.6/x86_64/highavailability/os',\n 'content/tus/rhel8/8.6/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.6/x86_64/rt/os',\n 'content/tus/rhel8/8.6/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'tcpdump-4.9.3-1.el8', 'sp':'6', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'14'}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'tcpdump-4.9.3-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'14'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:54", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144 64)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-09T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2019-2551)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-16227", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452"], "modified": "2021-01-29T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2551.NASL", "href": "https://www.tenable.com/plugins/nessus/131825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131825);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/29\");\n\n script_cve_id(\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-16227\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2019-2551)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144\n 64)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer\n over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert().(CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before\n 4.9.3 has a buffer overflow in\n tcpdump.c:get_next_file().(CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a\n buffer over-read in print-802_11.c for the Mesh Flags\n subfield.(CVE-2018-16227)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI).(CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack\n consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer\n over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack\n exhaustion in smbutil.c:smb_fdata() via\n recursion.(CVE-2018-16452)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2551\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6997f598\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-14879\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.2-3.h2.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:54:42", "description": "https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a buffer and cause the application to crash. The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "AIX 7.1 TL 5 : tcpdump (IJ20783)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2023-04-20T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.1"], "id": "AIX_IJ20783.NASL", "href": "https://www.tenable.com/plugins/nessus/132730", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory5.asc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132730);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"AIX 7.1 TL 5 : tcpdump (IJ20783)\");\n script_summary(english:\"Check for APAR IJ20783\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467 The BGP\nparser in tcpdump before 4.9.3 has a buffer over-read in\nprint-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has\na buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The\nBabel parser in tcpdump before 4.9.3 has a buffer over-read in\nprint-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the\nprinting of SMB data (issue 2 of 2). The LDP parser in tcpdump before\n4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump\nbefore 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds\nchecking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a\nbuffer and cause the application to crash. The Rx parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\nrx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-bgp.c:bgp_capabilities_print()\n(BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before\n4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB\nparser in tcpdump before 4.9.3 has buffer over-reads in\nprint-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The\nSMB parser in tcpdump before 4.9.3 has stack exhaustion in\nsmbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before\n4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n(MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in\ntcpdump before 4.9.3 lacks certain bounds checks. The command-line\nargument parser in tcpdump before 4.9.3 has a buffer overflow in\ntcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has\na buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-802_11.c for the Mesh\nFlags subfield. The BGP parser in tcpdump before 4.9.3 allows stack\nconsumption in print-bgp.c:bgp_attr_print() because of unlimited\nrecursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\nover-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based\nbuffer over-read related to aoe_print in print-aoe.c and lookup_emem\nin addrtoname.c.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory5.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.1\", ml:\"05\", sp:\"03\", patch:\"IJ20783s5a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.5.0\", maxfilesetver:\"7.1.5.32\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"05\", sp:\"04\", patch:\"IJ20783s4a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.5.0\", maxfilesetver:\"7.1.5.32\") < 0) flag++;\nif (aix_check_ifix(release:\"7.1\", ml:\"05\", sp:\"05\", patch:\"IJ20783s5a\", package:\"bos.net.tcp.server\", minfilesetver:\"7.1.5.0\", maxfilesetver:\"7.1.5.32\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:54:42", "description": "https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a buffer and cause the application to crash. The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 3 : tcpdump (IJ20785)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2023-04-20T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IJ20785.NASL", "href": "https://www.tenable.com/plugins/nessus/132732", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory5.asc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132732);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"AIX 7.2 TL 3 : tcpdump (IJ20785)\");\n script_summary(english:\"Check for APAR IJ20785\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467 The BGP\nparser in tcpdump before 4.9.3 has a buffer over-read in\nprint-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has\na buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The\nBabel parser in tcpdump before 4.9.3 has a buffer over-read in\nprint-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the\nprinting of SMB data (issue 2 of 2). The LDP parser in tcpdump before\n4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump\nbefore 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds\nchecking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a\nbuffer and cause the application to crash. The Rx parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\nrx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-bgp.c:bgp_capabilities_print()\n(BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before\n4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB\nparser in tcpdump before 4.9.3 has buffer over-reads in\nprint-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The\nSMB parser in tcpdump before 4.9.3 has stack exhaustion in\nsmbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before\n4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n(MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in\ntcpdump before 4.9.3 lacks certain bounds checks. The command-line\nargument parser in tcpdump before 4.9.3 has a buffer overflow in\ntcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has\na buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-802_11.c for the Mesh\nFlags subfield. The BGP parser in tcpdump before 4.9.3 allows stack\nconsumption in print-bgp.c:bgp_attr_print() because of unlimited\nrecursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\nover-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based\nbuffer over-read related to aoe_print in print-aoe.c and lookup_emem\nin addrtoname.c.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory5.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"03\", sp:\"01\", patch:\"IJ20785s1a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.3.0\", maxfilesetver:\"7.2.3.16\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"03\", sp:\"02\", patch:\"IJ20785s2a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.3.0\", maxfilesetver:\"7.2.3.16\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"03\", sp:\"03\", patch:\"IJ20785s3a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.3.0\", maxfilesetver:\"7.2.3.16\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"03\", sp:\"04\", patch:\"IJ20785s3a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.3.0\", maxfilesetver:\"7.2.3.16\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:19", "description": "https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a buffer and cause the application to crash. The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 2 : tcpdump (IJ20784)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2023-04-20T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IJ20784.NASL", "href": "https://www.tenable.com/plugins/nessus/132731", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory5.asc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132731);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"AIX 7.2 TL 2 : tcpdump (IJ20784)\");\n script_summary(english:\"Check for APAR IJ20784\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467 The BGP\nparser in tcpdump before 4.9.3 has a buffer over-read in\nprint-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has\na buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The\nBabel parser in tcpdump before 4.9.3 has a buffer over-read in\nprint-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the\nprinting of SMB data (issue 2 of 2). The LDP parser in tcpdump before\n4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump\nbefore 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds\nchecking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a\nbuffer and cause the application to crash. The Rx parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\nrx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-bgp.c:bgp_capabilities_print()\n(BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before\n4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB\nparser in tcpdump before 4.9.3 has buffer over-reads in\nprint-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The\nSMB parser in tcpdump before 4.9.3 has stack exhaustion in\nsmbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before\n4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n(MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in\ntcpdump before 4.9.3 lacks certain bounds checks. The command-line\nargument parser in tcpdump before 4.9.3 has a buffer overflow in\ntcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has\na buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-802_11.c for the Mesh\nFlags subfield. The BGP parser in tcpdump before 4.9.3 allows stack\nconsumption in print-bgp.c:bgp_attr_print() because of unlimited\nrecursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\nover-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based\nbuffer over-read related to aoe_print in print-aoe.c and lookup_emem\nin addrtoname.c.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory5.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"02\", sp:\"02\", patch:\"IJ20784s2a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.2.0\", maxfilesetver:\"7.2.2.17\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"02\", sp:\"03\", patch:\"IJ20784s3a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.2.0\", maxfilesetver:\"7.2.2.17\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"02\", sp:\"04\", patch:\"IJ20784s4a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.2.0\", maxfilesetver:\"7.2.2.17\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:54:44", "description": "https://vulners.com/cve/CVE-2018-14467 https://vulners.com/cve/CVE-2018-14467 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds checking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a buffer and cause the application to crash. The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "nessus", "title": "AIX 7.2 TL 4 : tcpdump (IJ20786)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2023-04-20T00:00:00", "cpe": ["cpe:/o:ibm:aix:7.2"], "id": "AIX_IJ20786.NASL", "href": "https://www.tenable.com/plugins/nessus/132733", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text in the description was extracted from AIX Security\n# Advisory tcpdump_advisory5.asc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132733);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/20\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"AIX 7.2 TL 4 : tcpdump (IJ20786)\");\n script_summary(english:\"Check for APAR IJ20786\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote AIX host is missing a security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14467 The BGP\nparser in tcpdump before 4.9.3 has a buffer over-read in\nprint-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). The VRRP parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-vrrp.c:vrrp_print(). The LMP parser in tcpdump before 4.9.3 has\na buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). The\nBabel parser in tcpdump before 4.9.3 has a buffer over-read in\nprint-babel.c:babel_print_v2(). tcpdump before 4.9.3 mishandles the\nprinting of SMB data (issue 2 of 2). The LDP parser in tcpdump before\n4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). tcpdump\nbefore 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\nTcpdump is vulnerable to a buffer overflow, caused by improper bounds\nchecking by the lmp_print_data_link_subobjs function in print-lmp.c.\nBy sending specially-crafted data, a remote attacker could overflow a\nbuffer and cause the application to crash. The Rx parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\nrx_cache_insert(). The IKEv1 parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-isakmp.c:ikev1_n_print(). The FRF.16 parser\nin tcpdump before 4.9.3 has a buffer over-read in\nprint-fr.c:mfr_print(). The BGP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-bgp.c:bgp_capabilities_print()\n(BGP_CAPCODE_RESTART). The ICMP parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-icmp.c:icmp_print(). The OSPFv3 parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-ospf6.c:ospf6_print_lshdr(). The RSVP parser in tcpdump before\n4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). The SMB\nparser in tcpdump before 4.9.3 has buffer over-reads in\nprint-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. The\nSMB parser in tcpdump before 4.9.3 has stack exhaustion in\nsmbutil.c:smb_fdata() via recursion. The BGP parser in tcpdump before\n4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n(MP_REACH_NLRI). lmp_print_data_link_subobjs() in print-lmp.c in\ntcpdump before 4.9.3 lacks certain bounds checks. The command-line\nargument parser in tcpdump before 4.9.3 has a buffer overflow in\ntcpdump.c:get_next_file(). The HNCP parser in tcpdump before 4.9.3 has\na buffer over-read in print-hncp.c:print_prefix(). The DCCP parser in\ntcpdump before 4.9.3 has a buffer over-read in\nprint-dccp.c:dccp_print_option(). The IEEE 802.11 parser in tcpdump\nbefore 4.9.3 has a buffer over-read in print-802_11.c for the Mesh\nFlags subfield. The BGP parser in tcpdump before 4.9.3 allows stack\nconsumption in print-bgp.c:bgp_attr_print() because of unlimited\nrecursion. The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\nover-read in print-icmp6.c. tcpdump before 4.9.3 has a heap-based\nbuffer over-read related to aoe_print in print-aoe.c and lookup_emem\nin addrtoname.c.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://aix.software.ibm.com/aix/efixes/security/tcpdump_advisory5.asc\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Install the appropriate interim fix.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:ibm:aix:7.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"AIX Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/AIX/lslpp\", \"Host/local_checks_enabled\", \"Host/AIX/version\");\n\n exit(0);\n}\n\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"aix.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif ( ! get_kb_item(\"Host/AIX/version\") ) audit(AUDIT_OS_NOT, \"AIX\");\nif ( ! get_kb_item(\"Host/AIX/lslpp\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nif ( get_kb_item(\"Host/AIX/emgr_failure\" ) ) exit(0, \"This iFix check is disabled because : \"+get_kb_item(\"Host/AIX/emgr_failure\") );\n\nflag = 0;\n\nif (aix_check_ifix(release:\"7.2\", ml:\"04\", sp:\"00\", patch:\"IJ20786s1a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.4.0\", maxfilesetver:\"7.2.4.0\") < 0) flag++;\nif (aix_check_ifix(release:\"7.2\", ml:\"04\", sp:\"01\", patch:\"IJ20786s1a\", package:\"bos.net.tcp.tcpdump\", minfilesetver:\"7.2.4.0\", maxfilesetver:\"7.2.4.0\") < 0) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:aix_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:27", "description": "New libpcap and tcpdump packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.", "cvss3": {}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Slackware 14.0 / 14.1 / 14.2 / current : tcpdump (SSA:2019-274-01)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:libpcap", "p-cpe:/a:slackware:slackware_linux:tcpdump", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:14.0", "cpe:/o:slackware:slackware_linux:14.1", "cpe:/o:slackware:slackware_linux:14.2"], "id": "SLACKWARE_SSA_2019-274-01.NASL", "href": "https://www.tenable.com/plugins/nessus/129521", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2019-274-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129521);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_xref(name:\"SSA\", value:\"2019-274-01\");\n\n script_name(english:\"Slackware 14.0 / 14.1 / 14.2 / current : tcpdump (SSA:2019-274-01)\");\n script_summary(english:\"Checks for updated packages in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New libpcap and tcpdump packages are available for Slackware 14.0,\n14.1, 14.2, and -current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.682249\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9d84ca7a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpcap and / or tcpdump packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"14.0\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"14.1\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"i486\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\nif (slackware_check(osver:\"14.1\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.1\")) flag++;\n\nif (slackware_check(osver:\"14.2\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"i586\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\nif (slackware_check(osver:\"14.2\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"libpcap\", pkgver:\"1.9.0\", pkgarch:\"i586\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", pkgname:\"tcpdump\", pkgver:\"4.9.2\", pkgarch:\"i586\", pkgnum:\"3\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"libpcap\", pkgver:\"1.9.1\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"tcpdump\", pkgver:\"4.9.3\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:25:51", "description": "This update for tcpdump fixes the following issues :\n\nCVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate the right buffer size (bsc#1178466).\n\nThe previous update of tcpdump already fixed variuous Buffer overflow/overread vulnerabilities [bsc#1153098, bsc#1153332]\n\nCVE-2017-16808 (AoE)\n\nCVE-2018-14468 (FrameRelay)\n\nCVE-2018-14469 (IKEv1)\n\nCVE-2018-14470 (BABEL)\n\nCVE-2018-14466 (AFS/RX)\n\nCVE-2018-14461 (LDP)\n\nCVE-2018-14462 (ICMP)\n\nCVE-2018-14465 (RSVP)\n\nCVE-2018-14464 (LMP)\n\nCVE-2019-15166 (LMP)\n\nCVE-2018-14880 (OSPF6)\n\nCVE-2018-14882 (RPL)\n\nCVE-2018-16227 (802.11)\n\nCVE-2018-16229 (DCCP)\n\nCVE-2018-14467 (BGP)\n\nCVE-2018-14881 (BGP)\n\nCVE-2018-16230 (BGP)\n\nCVE-2018-16300 (BGP)\n\nCVE-2018-14463 (VRRP)\n\nCVE-2019-15167 (VRRP)\n\nCVE-2018-14879 (tcpdump -V)\n\nCVE-2018-16228 (HNCP) is a duplicate of the already fixed CVE-2019-1010220\n\nCVE-2018-16301 (fixed in libpcap)\n\nCVE-2018-16451 (SMB)\n\nCVE-2018-16452 (SMB)\n\nCVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)\n\nCVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : tcpdump (SUSE-SU-2020:3360-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167", "CVE-2020-8037"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:tcpdump", "p-cpe:/a:novell:suse_linux:tcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:tcpdump-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2020-3360-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143787", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3360-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143787);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\", \"CVE-2020-8037\");\n\n script_name(english:\"SUSE SLES12 Security Update : tcpdump (SUSE-SU-2020:3360-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for tcpdump fixes the following issues :\n\nCVE-2020-8037: Fixed an issue where PPP decapsulator did not allocate\nthe right buffer size (bsc#1178466).\n\nThe previous update of tcpdump already fixed variuous Buffer\noverflow/overread vulnerabilities [bsc#1153098, bsc#1153332]\n\nCVE-2017-16808 (AoE)\n\nCVE-2018-14468 (FrameRelay)\n\nCVE-2018-14469 (IKEv1)\n\nCVE-2018-14470 (BABEL)\n\nCVE-2018-14466 (AFS/RX)\n\nCVE-2018-14461 (LDP)\n\nCVE-2018-14462 (ICMP)\n\nCVE-2018-14465 (RSVP)\n\nCVE-2018-14464 (LMP)\n\nCVE-2019-15166 (LMP)\n\nCVE-2018-14880 (OSPF6)\n\nCVE-2018-14882 (RPL)\n\nCVE-2018-16227 (802.11)\n\nCVE-2018-16229 (DCCP)\n\nCVE-2018-14467 (BGP)\n\nCVE-2018-14881 (BGP)\n\nCVE-2018-16230 (BGP)\n\nCVE-2018-16300 (BGP)\n\nCVE-2018-14463 (VRRP)\n\nCVE-2019-15167 (VRRP)\n\nCVE-2018-14879 (tcpdump -V)\n\nCVE-2018-16228 (HNCP) is a duplicate of the already fixed\nCVE-2019-1010220\n\nCVE-2018-16301 (fixed in libpcap)\n\nCVE-2018-16451 (SMB)\n\nCVE-2018-16452 (SMB)\n\nCVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)\n\nCVE-2018-10105 (SMB - too unreliably reproduced, SMB printing\ndisabled)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1178466\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-16808/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10103/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14461/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14462/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14463/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14464/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14465/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14466/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14467/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14468/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14469/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14470/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14879/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14880/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14881/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14882/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16227/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16228/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16229/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16230/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16300/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16451/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16452/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1010220/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15167/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-8037/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203360-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9c916938\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-3360=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"tcpdump-4.9.2-14.17.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"tcpdump-debuginfo-4.9.2-14.17.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"tcpdump-debugsource-4.9.2-14.17.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:17", "description": "This update for tcpdump fixes the following issues :\n\n - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n\n - CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n\n - CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n\n - CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n\n - CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n\n - CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n\n - CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n\n - CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n\n - CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\n - CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n\n - CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n\n - CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).\n\n - CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).\n\n - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).\n\n - CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n\n - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n\n - CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n\n - CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).\n\n - CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n\n - CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n\n - CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n\n - CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n\n - CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n\n - CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tcpdump (openSUSE-2019-2348)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tcpdump", "p-cpe:/a:novell:opensuse:tcpdump-debuginfo", "p-cpe:/a:novell:opensuse:tcpdump-debugsource", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2348.NASL", "href": "https://www.tenable.com/plugins/nessus/130086", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2348.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130086);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"openSUSE Security Update : tcpdump (openSUSE-2019-2348)\");\n script_summary(english:\"Check for the openSUSE-2019-2348 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tcpdump fixes the following issues :\n\n - CVE-2017-16808: Fixed a heap-based buffer over-read\n related to aoe_print and lookup_emem (bsc#1068716\n bsc#1153098).\n\n - CVE-2018-10103: Fixed a mishandling of the printing of\n SMB data (bsc#1153098).\n\n - CVE-2018-10105: Fixed a mishandling of the printing of\n SMB data (bsc#1153098).\n\n - CVE-2018-14461: Fixed a buffer over-read in\n print-ldp.c:ldp_tlv_print (bsc#1153098).\n\n - CVE-2018-14462: Fixed a buffer over-read in\n print-icmp.c:icmp_print (bsc#1153098).\n\n - CVE-2018-14463: Fixed a buffer over-read in\n print-vrrp.c:vrrp_print (bsc#1153098).\n\n - CVE-2018-14464: Fixed a buffer over-read in\n print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2018-14465: Fixed a buffer over-read in\n print-rsvp.c:rsvp_obj_print (bsc#1153098).\n\n - CVE-2018-14466: Fixed a buffer over-read in\n print-rx.c:rx_cache_find (bsc#1153098).\n\n - CVE-2018-14467: Fixed a buffer over-read in\n print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\n - CVE-2018-14468: Fixed a buffer over-read in\n print-fr.c:mfr_print (bsc#1153098).\n\n - CVE-2018-14469: Fixed a buffer over-read in\n print-isakmp.c:ikev1_n_print (bsc#1153098).\n\n - CVE-2018-14470: Fixed a buffer over-read in\n print-babel.c:babel_print_v2 (bsc#1153098).\n\n - CVE-2018-14879: Fixed a buffer overflow in the\n command-line argument parser (bsc#1153098).\n\n - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3\n parser (bsc#1153098).\n\n - CVE-2018-14881: Fixed a buffer over-read in the BGP\n parser (bsc#1153098).\n\n - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6\n parser (bsc#1153098).\n\n - CVE-2018-16227: Fixed a buffer over-read in the IEEE\n 802.11 parser in print-802_11.c for the Mesh Flags\n subfield (bsc#1153098).\n\n - CVE-2018-16228: Fixed a buffer over-read in the HNCP\n parser (bsc#1153098).\n\n - CVE-2018-16229: Fixed a buffer over-read in the DCCP\n parser (bsc#1153098).\n\n - CVE-2018-16230: Fixed a buffer over-read in the BGP\n parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n\n - CVE-2018-16300: Fixed an unlimited recursion in the BGP\n parser that allowed denial-of-service by stack\n consumption (bsc#1153098).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332\n bsc#1153098).\n\n - CVE-2018-16451: Fixed several buffer over-reads in\n print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and\n \\PIPE\\LANMAN (bsc#1153098).\n\n - CVE-2018-16452: Fixed a stack exhaustion in\n smbutil.c:smb_fdata (bsc#1153098).\n\n - CVE-2019-15166: Fixed a bounds check in\n lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2019-15167: Fixed a vulnerability in VRRP\n (bsc#1153098).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153332\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpdump packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"tcpdump-4.9.2-lp151.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"tcpdump-debuginfo-4.9.2-lp151.4.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"tcpdump-debugsource-4.9.2-lp151.4.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump / tcpdump-debuginfo / tcpdump-debugsource\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:09", "description": "New version 4.9.3, Security fix for CVE-2017-16808, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14466, CVE-2018-14461, CVE-2018-14462, CVE-2018-14465, CVE-2018-14881, CVE-2018-14464, CVE-2018-14463, CVE-2018-14467, CVE-2018-10103, CVE-2018-10105, CVE-2018-14880, CVE-2018-16451, CVE-2018-14882, CVE-2018-16227, CVE-2018-16229, CVE-2018-16301, CVE-2018-16230, CVE-2018-16452, CVE-2018-16300, CVE-2018-16228, CVE-2019-15166, CVE-2019-15167, CVE-2017-16808, CVE-2018-14882, CVE-2018-19519\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Fedora 30 : 14:tcpdump (2019-d06bc63433)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19519", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:14:tcpdump", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-D06BC63433.NASL", "href": "https://www.tenable.com/plugins/nessus/130321", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-d06bc63433.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130321);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_xref(name:\"FEDORA\", value:\"2019-d06bc63433\");\n\n script_name(english:\"Fedora 30 : 14:tcpdump (2019-d06bc63433)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 4.9.3, Security fix for CVE-2017-16808, CVE-2018-14468,\nCVE-2018-14469, CVE-2018-14470, CVE-2018-14466, CVE-2018-14461,\nCVE-2018-14462, CVE-2018-14465, CVE-2018-14881, CVE-2018-14464,\nCVE-2018-14463, CVE-2018-14467, CVE-2018-10103, CVE-2018-10105,\nCVE-2018-14880, CVE-2018-16451, CVE-2018-14882, CVE-2018-16227,\nCVE-2018-16229, CVE-2018-16301, CVE-2018-16230, CVE-2018-16452,\nCVE-2018-16300, CVE-2018-16228, CVE-2019-15166, CVE-2019-15167,\nCVE-2017-16808, CVE-2018-14882, CVE-2018-19519\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-d06bc63433\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 14:tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:14:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"tcpdump-4.9.3-1.fc30\", epoch:\"14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"14:tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:03", "description": "This update for tcpdump fixes the following issues :\n\nCVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n\nCVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n\nCVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n\nCVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n\nCVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n\nCVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n\nCVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\nCVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n\nCVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n\nCVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\nCVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n\nCVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n\nCVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).\n\nCVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).\n\nCVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).\n\nCVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n\nCVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n\nCVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n\nCVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).\n\nCVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n\nCVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n\nCVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n\nCVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n\nCVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n\nCVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n\nCVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n\nCVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-16T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : tcpdump (SUSE-SU-2019:2674-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2019-12-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:tcpdump", "p-cpe:/a:novell:suse_linux:tcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:tcpdump-debugsource", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2674-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129966", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2674-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129966);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/19\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : tcpdump (SUSE-SU-2019:2674-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tcpdump fixes the following issues :\n\nCVE-2017-16808: Fixed a heap-based buffer over-read related to\naoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n\nCVE-2018-10103: Fixed a mishandling of the printing of SMB data\n(bsc#1153098).\n\nCVE-2018-10105: Fixed a mishandling of the printing of SMB data\n(bsc#1153098).\n\nCVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print\n(bsc#1153098).\n\nCVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print\n(bsc#1153098).\n\nCVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print\n(bsc#1153098).\n\nCVE-2018-14464: Fixed a buffer over-read in\nprint-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\nCVE-2018-14465: Fixed a buffer over-read in\nprint-rsvp.c:rsvp_obj_print (bsc#1153098).\n\nCVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find\n(bsc#1153098).\n\nCVE-2018-14467: Fixed a buffer over-read in\nprint-bgp.c:bgp_capabilities_print (bsc#1153098).\n\nCVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print\n(bsc#1153098).\n\nCVE-2018-14469: Fixed a buffer over-read in\nprint-isakmp.c:ikev1_n_print (bsc#1153098).\n\nCVE-2018-14470: Fixed a buffer over-read in\nprint-babel.c:babel_print_v2 (bsc#1153098).\n\nCVE-2018-14879: Fixed a buffer overflow in the command-line argument\nparser (bsc#1153098).\n\nCVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser\n(bsc#1153098).\n\nCVE-2018-14881: Fixed a buffer over-read in the BGP parser\n(bsc#1153098).\n\nCVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser\n(bsc#1153098).\n\nCVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in\nprint-802_11.c for the Mesh Flags subfield (bsc#1153098).\n\nCVE-2018-16228: Fixed a buffer over-read in the HNCP parser\n(bsc#1153098).\n\nCVE-2018-16229: Fixed a buffer over-read in the DCCP parser\n(bsc#1153098).\n\nCVE-2018-16230: Fixed a buffer over-read in the BGP parser in\nprint-bgp.c:bgp_attr_print (bsc#1153098).\n\nCVE-2018-16300: Fixed an unlimited recursion in the BGP parser that\nallowed denial-of-service by stack consumption (bsc#1153098).\n\nCVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n\nCVE-2018-16451: Fixed several buffer over-reads in\nprint-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN\n(bsc#1153098).\n\nCVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata\n(bsc#1153098).\n\nCVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs\n(bsc#1153098).\n\nCVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1068716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153332\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2017-16808/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10103/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-10105/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14461/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14462/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14463/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14464/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14465/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14466/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14467/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14468/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14469/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14470/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14879/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14880/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14881/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-14882/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16227/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16228/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16229/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16230/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16300/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16301/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16451/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2018-16452/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-1010220/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15166/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-15167/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192674-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f7524703\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2674=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2674=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"tcpdump-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"tcpdump-debuginfo-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"tcpdump-debugsource-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tcpdump-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tcpdump-debuginfo-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"tcpdump-debugsource-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"tcpdump-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"tcpdump-debuginfo-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"tcpdump-debugsource-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tcpdump-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tcpdump-debuginfo-4.9.2-3.9.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"tcpdump-debugsource-4.9.2-3.9.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:24", "description": "New version 4.9.3, Security fix for CVE-2017-16808, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14466, CVE-2018-14461, CVE-2018-14462, CVE-2018-14465, CVE-2018-14881, CVE-2018-14464, CVE-2018-14463, CVE-2018-14467, CVE-2018-10103, CVE-2018-10105, CVE-2018-14880, CVE-2018-16451, CVE-2018-14882, CVE-2018-16227, CVE-2018-16229, CVE-2018-16301, CVE-2018-16230, CVE-2018-16452, CVE-2018-16300, CVE-2018-16228, CVE-2019-15166, CVE-2019-15167, CVE-2017-16808, CVE-2018-14882, CVE-2018-19519\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Fedora 29 : 14:tcpdump (2019-85d92df70f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19519", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:14:tcpdump", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-85D92DF70F.NASL", "href": "https://www.tenable.com/plugins/nessus/130308", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-85d92df70f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130308);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_xref(name:\"FEDORA\", value:\"2019-85d92df70f\");\n\n script_name(english:\"Fedora 29 : 14:tcpdump (2019-85d92df70f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 4.9.3, Security fix for CVE-2017-16808, CVE-2018-14468,\nCVE-2018-14469, CVE-2018-14470, CVE-2018-14466, CVE-2018-14461,\nCVE-2018-14462, CVE-2018-14465, CVE-2018-14881, CVE-2018-14464,\nCVE-2018-14463, CVE-2018-14467, CVE-2018-10103, CVE-2018-10105,\nCVE-2018-14880, CVE-2018-16451, CVE-2018-14882, CVE-2018-16227,\nCVE-2018-16229, CVE-2018-16301, CVE-2018-16230, CVE-2018-16452,\nCVE-2018-16300, CVE-2018-16228, CVE-2019-15166, CVE-2019-15167,\nCVE-2017-16808, CVE-2018-14882, CVE-2018-19519\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-85d92df70f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 14:tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:14:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"tcpdump-4.9.3-1.fc29\", epoch:\"14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"14:tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:03", "description": "This update for tcpdump fixes the following issues :\n\n - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print and lookup_emem (bsc#1068716 bsc#1153098).\n\n - CVE-2018-10103: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n\n - CVE-2018-10105: Fixed a mishandling of the printing of SMB data (bsc#1153098).\n\n - CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print (bsc#1153098).\n\n - CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print (bsc#1153098).\n\n - CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print (bsc#1153098).\n\n - CVE-2018-14464: Fixed a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print (bsc#1153098).\n\n - CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find (bsc#1153098).\n\n - CVE-2018-14467: Fixed a buffer over-read in print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\n - CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print (bsc#1153098).\n\n - CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print (bsc#1153098).\n\n - CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2 (bsc#1153098).\n\n - CVE-2018-14879: Fixed a buffer overflow in the command-line argument parser (bsc#1153098).\n\n - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser (bsc#1153098).\n\n - CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n\n - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser (bsc#1153098).\n\n - CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n\n - CVE-2018-16228: Fixed a buffer over-read in the HNCP parser (bsc#1153098).\n\n - CVE-2018-16229: Fixed a buffer over-read in the DCCP parser (bsc#1153098).\n\n - CVE-2018-16230: Fixed a buffer over-read in the BGP parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n\n - CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that allowed denial-of-service by stack consumption (bsc#1153098).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n\n - CVE-2018-16451: Fixed several buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN (bsc#1153098).\n\n - CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata (bsc#1153098).\n\n - CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : tcpdump (openSUSE-2019-2344)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:tcpdump", "p-cpe:/a:novell:opensuse:tcpdump-debuginfo", "p-cpe:/a:novell:opensuse:tcpdump-debugsource", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2344.NASL", "href": "https://www.tenable.com/plugins/nessus/130083", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2344.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130083);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n\n script_name(english:\"openSUSE Security Update : tcpdump (openSUSE-2019-2344)\");\n script_summary(english:\"Check for the openSUSE-2019-2344 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for tcpdump fixes the following issues :\n\n - CVE-2017-16808: Fixed a heap-based buffer over-read\n related to aoe_print and lookup_emem (bsc#1068716\n bsc#1153098).\n\n - CVE-2018-10103: Fixed a mishandling of the printing of\n SMB data (bsc#1153098).\n\n - CVE-2018-10105: Fixed a mishandling of the printing of\n SMB data (bsc#1153098).\n\n - CVE-2018-14461: Fixed a buffer over-read in\n print-ldp.c:ldp_tlv_print (bsc#1153098).\n\n - CVE-2018-14462: Fixed a buffer over-read in\n print-icmp.c:icmp_print (bsc#1153098).\n\n - CVE-2018-14463: Fixed a buffer over-read in\n print-vrrp.c:vrrp_print (bsc#1153098).\n\n - CVE-2018-14464: Fixed a buffer over-read in\n print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2018-14465: Fixed a buffer over-read in\n print-rsvp.c:rsvp_obj_print (bsc#1153098).\n\n - CVE-2018-14466: Fixed a buffer over-read in\n print-rx.c:rx_cache_find (bsc#1153098).\n\n - CVE-2018-14467: Fixed a buffer over-read in\n print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\n - CVE-2018-14468: Fixed a buffer over-read in\n print-fr.c:mfr_print (bsc#1153098).\n\n - CVE-2018-14469: Fixed a buffer over-read in\n print-isakmp.c:ikev1_n_print (bsc#1153098).\n\n - CVE-2018-14470: Fixed a buffer over-read in\n print-babel.c:babel_print_v2 (bsc#1153098).\n\n - CVE-2018-14879: Fixed a buffer overflow in the\n command-line argument parser (bsc#1153098).\n\n - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3\n parser (bsc#1153098).\n\n - CVE-2018-14881: Fixed a buffer over-read in the BGP\n parser (bsc#1153098).\n\n - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6\n parser (bsc#1153098).\n\n - CVE-2018-16227: Fixed a buffer over-read in the IEEE\n 802.11 parser in print-802_11.c for the Mesh Flags\n subfield (bsc#1153098).\n\n - CVE-2018-16228: Fixed a buffer over-read in the HNCP\n parser (bsc#1153098).\n\n - CVE-2018-16229: Fixed a buffer over-read in the DCCP\n parser (bsc#1153098).\n\n - CVE-2018-16230: Fixed a buffer over-read in the BGP\n parser in print-bgp.c:bgp_attr_print (bsc#1153098).\n\n - CVE-2018-16300: Fixed an unlimited recursion in the BGP\n parser that allowed denial-of-service by stack\n consumption (bsc#1153098).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332\n bsc#1153098).\n\n - CVE-2018-16451: Fixed several buffer over-reads in\n print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and\n \\PIPE\\LANMAN (bsc#1153098).\n\n - CVE-2018-16452: Fixed a stack exhaustion in\n smbutil.c:smb_fdata (bsc#1153098).\n\n - CVE-2019-15166: Fixed a bounds check in\n lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2019-15167: Fixed a vulnerability in VRRP\n (bsc#1153098).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1068716\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153098\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153332\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected tcpdump packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tcpdump-4.9.2-lp150.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tcpdump-debuginfo-4.9.2-lp150.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"tcpdump-debugsource-4.9.2-lp150.10.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump / tcpdump-debuginfo / tcpdump-debugsource\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:37", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The tcpdump packages contain the tcpdump utility for monitoring network traffic. The tcpdump utility can capture and display the packet headers on a particular network interface or on all interfaces.Security Fix(es):tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.(CVE-2017-16808)The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144 64)The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)libpca p before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading.(CVE-2018-16301)The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().(CVE-2018-16228)lmp_print_d ata_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is:\n May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: 'ND_PRINT((ndo, '%s', buf))', in function named 'print_prefix', in 'print-hncp.c'. The attack vector is: The victim must open a specially crafted pcap file.(CVE-2019-1010220)In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.(CVE-2018-19519)The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : tcpdump (EulerOS-SA-2019-2305)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19519", "CVE-2019-1010220", "CVE-2019-15166"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2305.NASL", "href": "https://www.tenable.com/plugins/nessus/131371", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131371);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-16808\",\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2018-19519\",\n \"CVE-2019-1010220\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : tcpdump (EulerOS-SA-2019-2305)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - The tcpdump packages contain the tcpdump utility for\n monitoring network traffic. The tcpdump utility can\n capture and display the packet headers on a particular\n network interface or on all interfaces.Security\n Fix(es):tcpdump before 4.9.3 has a heap-based buffer\n over-read related to aoe_print in print-aoe.c and\n lookup_emem in addrtoname.c.(CVE-2017-16808)The FRF.16\n parser in tcpdump before 4.9.3 has a buffer over-read\n in print-fr.c:mfr_print().(CVE-2018-14468)The IKEv1\n parser in tcpdump before 4.9.3 has a buffer over-read\n in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)The\n Babel parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-babel.c:babel_print_v2().(CVE-2018-14470)The Rx\n parser in tcpdump before 4.9.3 has a buffer over-read\n in print-rx.c:rx_cache_find() and\n rx_cache_insert().(CVE-2018-14466)The LDP parser in\n tcpdump before 4.9.3 has a buffer over-read in\n print-ldp.c:ldp_tlv_print().(CVE-2018-14461)The ICMP\n parser in tcpdump before 4.9.3 has a buffer over-read\n in print-icmp.c:icmp_print().(CVE-2018-14462)The RSVP\n parser in tcpdump before 4.9.3 has a buffer over-read\n in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)The\n BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART).(CVE-2018-14881)The LMP parser in\n tcpdump before 4.9.3 has a buffer over-read in\n print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144\n 64)The VRRP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-vrrp.c:vrrp_print().(CVE-2018-14463)The BGP\n parser in tcpdump before 4.9.3 has a buffer over-read\n in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP).(CVE-2018-14467)tcpdump before 4.9.3\n mishandles the printing of SMB data (issue 1 of\n 2).(CVE-2018-10103)tcpdump before 4.9.3 mishandles the\n printing of SMB data (issue 2 of 2).(CVE-2018-10105)The\n OSPFv3 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)The\n SMB parser in tcpdump before 4.9.3 has buffer\n over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)The\n ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c.(CVE-2018-14882)The IEEE\n 802.11 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-802_11.c for the Mesh Flags\n subfield.(CVE-2018-16227)The DCCP parser in tcpdump\n before 4.9.3 has a buffer over-read in\n print-dccp.c:dccp_print_option().(CVE-2018-16229)libpca\n p before 1.9.1, as used in tcpdump before 4.9.3, has a\n buffer overflow and/or over-read because of errors in\n pcapng reading.(CVE-2018-16301)The BGP parser in\n tcpdump before 4.9.3 has a buffer over-read in\n print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI).(CVE-2018-16230)The SMB parser in\n tcpdump before 4.9.3 has stack exhaustion in\n smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)The\n BGP parser in tcpdump before 4.9.3 allows stack\n consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion.(CVE-2018-16300)The HNCP parser in\n tcpdump before 4.9.3 has a buffer over-read in\n print-hncp.c:print_prefix().(CVE-2018-16228)lmp_print_d\n ata_link_subobjs() in print-lmp.c in tcpdump before\n 4.9.3 lacks certain bounds\n checks.(CVE-2019-15166)tcpdump.org tcpdump 4.9.2 is\n affected by: CWE-126: Buffer Over-read. The impact is:\n May expose Saved Frame Pointer, Return Address etc. on\n stack. The component is: line 234: 'ND_PRINT((ndo,\n '%s', buf))', in function named 'print_prefix', in\n 'print-hncp.c'. The attack vector is: The victim must\n open a specially crafted pcap file.(CVE-2019-1010220)In\n tcpdump 4.9.2, a stack-based buffer over-read exists in\n the print_prefix function of print-hncp.c via crafted\n packet data because of missing\n initialization.(CVE-2018-19519)The command-line\n argument parser in tcpdump before 4.9.3 has a buffer\n overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2305\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?18e70f62\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.3-1.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:03", "description": "New version 4.9.3, Security fix for CVE-2017-16808, CVE-2018-14468, CVE-2018-14469, CVE-2018-14470, CVE-2018-14466, CVE-2018-14461, CVE-2018-14462, CVE-2018-14465, CVE-2018-14881, CVE-2018-14464, CVE-2018-14463, CVE-2018-14467, CVE-2018-10103, CVE-2018-10105, CVE-2018-14880, CVE-2018-16451, CVE-2018-14882, CVE-2018-16227, CVE-2018-16229, CVE-2018-16301, CVE-2018-16230, CVE-2018-16452, CVE-2018-16300, CVE-2018-16228, CVE-2019-15166, CVE-2019-15167, CVE-2017-16808, CVE-2018-14882, CVE-2018-19519\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "nessus", "title": "Fedora 31 : 14:tcpdump (2019-6db0d5b9d9)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19519", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:14:tcpdump", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-6DB0D5B9D9.NASL", "href": "https://www.tenable.com/plugins/nessus/130370", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-6db0d5b9d9.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130370);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_xref(name:\"FEDORA\", value:\"2019-6db0d5b9d9\");\n\n script_name(english:\"Fedora 31 : 14:tcpdump (2019-6db0d5b9d9)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New version 4.9.3, Security fix for CVE-2017-16808, CVE-2018-14468,\nCVE-2018-14469, CVE-2018-14470, CVE-2018-14466, CVE-2018-14461,\nCVE-2018-14462, CVE-2018-14465, CVE-2018-14881, CVE-2018-14464,\nCVE-2018-14463, CVE-2018-14467, CVE-2018-10103, CVE-2018-10105,\nCVE-2018-14880, CVE-2018-16451, CVE-2018-14882, CVE-2018-16227,\nCVE-2018-16229, CVE-2018-16301, CVE-2018-16230, CVE-2018-16452,\nCVE-2018-16300, CVE-2018-16228, CVE-2019-15166, CVE-2019-15167,\nCVE-2017-16808, CVE-2018-14882, CVE-2018-19519\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-6db0d5b9d9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 14:tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:14:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"tcpdump-4.9.3-1.fc31\", epoch:\"14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"14:tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:03:35", "description": "CVE-2018-10103\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).\n\nCVE-2018-10105 tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).\n\nCVE-2018-14882 The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.\n\nCVE-2019-15166 lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n\nCVE-2018-16230 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).\n\nCVE-2018-16300 The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.\n\nCVE-2018-14881 The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).\n\nCVE-2018-16229 The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n\nCVE-2018-16228 The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n\nCVE-2018-16227 The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.\n\nCVE-2018-16451 The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.\n\nCVE-2018-16452 The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n\nImpact\n\nThese vulnerabilities can result in denial of service (DoS) or, potentially, execution of arbitrary code.", "cvss3": {}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : Multiple tcpdump vulnerabilities (K44551633)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL44551633.NASL", "href": "https://www.tenable.com/plugins/nessus/138231", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K44551633.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138231);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n\n script_name(english:\"F5 Networks BIG-IP : Multiple tcpdump vulnerabilities (K44551633)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"CVE-2018-10103\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of\n2).\n\nCVE-2018-10105 tcpdump before 4.9.3 mishandles the printing of SMB\ndata (issue 2 of 2).\n\nCVE-2018-14882 The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\nover-read in print-icmp6.c.\n\nCVE-2019-15166 lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\nbefore 4.9.3 lacks certain bounds checks.\n\nCVE-2018-16230 The BGP parser in tcpdump before 4.9.3 has a buffer\nover-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).\n\nCVE-2018-16300 The BGP parser in tcpdump before 4.9.3 allows stack\nconsumption in print-bgp.c:bgp_attr_print() because of unlimited\nrecursion.\n\nCVE-2018-14881 The BGP parser in tcpdump before 4.9.3 has a buffer\nover-read in print-bgp.c:bgp_capabilities_print()\n(BGP_CAPCODE_RESTART).\n\nCVE-2018-16229 The DCCP parser in tcpdump before 4.9.3 has a buffer\nover-read in print-dccp.c:dccp_print_option().\n\nCVE-2018-16228 The HNCP parser in tcpdump before 4.9.3 has a buffer\nover-read in print-hncp.c:print_prefix().\n\nCVE-2018-16227 The IEEE 802.11 parser in tcpdump before 4.9.3 has a\nbuffer over-read in print-802_11.c for the Mesh Flags subfield.\n\nCVE-2018-16451 The SMB parser in tcpdump before 4.9.3 has buffer\nover-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and\n\\PIPE\\LANMAN.\n\nCVE-2018-16452 The SMB parser in tcpdump before 4.9.3 has stack\nexhaustion in smbutil.c:smb_fdata() via recursion.\n\nImpact\n\nThese vulnerabilities can result in denial of service (DoS) or,\npotentially, execution of arbitrary code.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K44551633\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K44551633.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K44551633\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.5.2-11.6.5\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_hole(port:0, extra:bigip_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:54:57", "description": "Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-28T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS : tcpdump vulnerabilities (USN-4252-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19519", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2023-05-11T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:tcpdump", "cpe:/o:canonical:ubuntu_linux:16.04", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts"], "id": "UBUNTU_USN-4252-1.NASL", "href": "https://www.tenable.com/plugins/nessus/133291", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4252-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(133291);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/11\");\n\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_xref(name:\"USN\", value:\"4252-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS : tcpdump vulnerabilities (USN-4252-1)\");\n script_summary(english:\"Checks dpkg output for updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Ubuntu host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple security issues were discovered in tcpdump. A remote attacker\ncould use these issues to cause tcpdump to crash, resulting in a\ndenial of service, or possibly execute arbitrary code.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/4252-1/\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected tcpdump package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/11/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2020-2023 Canonical, Inc. / NASL script (C) 2020-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 16.04 / 18.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar flag = 0;\n\nif (ubuntu_check(osver:\"16.04\", pkgname:\"tcpdump\", pkgver:\"4.9.3-0ubuntu0.16.04.1\")) flag++;\nif (ubuntu_check(osver:\"18.04\", pkgname:\"tcpdump\", pkgver:\"4.9.3-0ubuntu0.18.04.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:54:45", "description": "According to the versions of the tcpdump package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - tcpdump.org tcpdump 4.9.2 is affected by: CWE-126:\n Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234: 'ND_PRINT((ndo, '%s', buf))', in function named 'print_prefix', in 'print-hncp.c'. The attack vector is: The victim must open a specially crafted pcap file.(CVE-2019-1010220)\n\n - In tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.(CVE-2018-19519)\n\n - This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-15167)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().(CVE-2018-16228)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\n - libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading.(CVE-2018-16301)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144 64)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - tcpdump 4.9.2 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.(CVE-2017-16808)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.5.0 : tcpdump (EulerOS-SA-2020-1072)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2018-19519", "CVE-2019-1010220", "CVE-2019-15166", "CVE-2019-15167"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:uvp:3.0.5.0"], "id": "EULEROS_SA-2020-1072.NASL", "href": "https://www.tenable.com/plugins/nessus/132826", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132826);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2017-16808\",\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2018-19519\",\n \"CVE-2019-1010220\",\n \"CVE-2019-15166\",\n \"CVE-2019-15167\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.5.0 : tcpdump (EulerOS-SA-2020-1072)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - tcpdump.org tcpdump 4.9.2 is affected by: CWE-126:\n Buffer Over-read. The impact is: May expose Saved Frame\n Pointer, Return Address etc. on stack. The component\n is: line 234: 'ND_PRINT((ndo, '%s', buf))', in function\n named 'print_prefix', in 'print-hncp.c'. The attack\n vector is: The victim must open a specially crafted\n pcap file.(CVE-2019-1010220)\n\n - In tcpdump 4.9.2, a stack-based buffer over-read exists\n in the print_prefix function of print-hncp.c via\n crafted packet data because of missing\n initialization.(CVE-2018-19519)\n\n - This candidate has been reserved by an organization or\n individual that will use it when announcing a new\n security problem. When the candidate has been\n publicized, the details for this candidate will be\n provided.(CVE-2019-15167)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\n before 4.9.3 lacks certain bounds\n checks.(CVE-2019-15166)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-hncp.c:print_prefix().(CVE-2018-16228)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack\n consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion.(CVE-2018-16300)\n\n - The SMB parser in tcpdump before 4.9.3 has stack\n exhaustion in smbutil.c:smb_fdata() via\n recursion.(CVE-2018-16452)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI).(CVE-2018-16230)\n\n - libpcap before 1.9.1, as used in tcpdump before 4.9.3,\n has a buffer overflow and/or over-read because of\n errors in pcapng reading.(CVE-2018-16301)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a\n buffer over-read in print-802_11.c for the Mesh Flags\n subfield.(CVE-2018-16227)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c.(CVE-2018-14882)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer\n over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 2 of 2).(CVE-2018-10105)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 1 of 2).(CVE-2018-10103)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-144\n 64)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer\n over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert().(CVE-2018-14466)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer\n over-read in\n print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - tcpdump 4.9.2 has a heap-based buffer over-read related\n to aoe_print in print-aoe.c and lookup_emem in\n addrtoname.c.(CVE-2017-16808)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1072\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0378180a\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.3-1.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:24", "description": "Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Fedora 29 : 14:libpcap (2019-b92ce3144a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2019-12-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:14:libpcap", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-B92CE3144A.NASL", "href": "https://www.tenable.com/plugins/nessus/130317", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b92ce3144a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130317);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/18\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_xref(name:\"FEDORA\", value:\"2019-b92ce3144a\");\n\n script_name(english:\"Fedora 29 : 14:libpcap (2019-b92ce3144a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162,\nCVE-2019-15163, CVE-2019-15164, CVE-2019-15165\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b92ce3144a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected 14:libpcap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:14:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"libpcap-1.9.1-1.fc29\", epoch:\"14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"14:libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:13", "description": "Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Fedora 30 : 14:libpcap (2019-eaa681d33e)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:14:libpcap", "cpe:/o:fedoraproject:fedora:30"], "id": "FEDORA_2019-EAA681D33E.NASL", "href": "https://www.tenable.com/plugins/nessus/130325", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-eaa681d33e.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130325);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_xref(name:\"FEDORA\", value:\"2019-eaa681d33e\");\n\n script_name(english:\"Fedora 30 : 14:libpcap (2019-eaa681d33e)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162,\nCVE-2019-15163, CVE-2019-15164, CVE-2019-15165\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-eaa681d33e\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 14:libpcap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:14:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"libpcap-1.9.1-1.fc30\", epoch:\"14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"14:libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:31:34", "description": "An update of the libpcap package has been released.", "cvss3": {}, "published": "2019-12-31T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Libpcap PHSA-2019-2.0-0187", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libpcap", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0187_LIBPCAP.NASL", "href": "https://www.tenable.com/plugins/nessus/132543", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0187. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132543);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2018-16301\",\n \"CVE-2019-15161\",\n \"CVE-2019-15162\",\n \"CVE-2019-15163\",\n \"CVE-2019-15164\",\n \"CVE-2019-15165\"\n );\n\n script_name(english:\"Photon OS 2.0: Libpcap PHSA-2019-2.0-0187\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libpcap package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-187.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16301\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"libpcap-1.9.1-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"libpcap-debuginfo-1.9.1-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:47", "description": "Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162, CVE-2019-15163, CVE-2019-15164, CVE-2019-15165\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-28T00:00:00", "type": "nessus", "title": "Fedora 31 : 14:libpcap (2019-4fe461079f)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:14:libpcap", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2019-4FE461079F.NASL", "href": "https://www.tenable.com/plugins/nessus/130300", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-4fe461079f.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130300);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_xref(name:\"FEDORA\", value:\"2019-4fe461079f\");\n\n script_name(english:\"Fedora 31 : 14:libpcap (2019-4fe461079f)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Security fix for CVE-2018-16301, CVE-2019-15161, CVE-2019-15162,\nCVE-2019-15163, CVE-2019-15164, CVE-2019-15165\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-4fe461079f\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected 14:libpcap package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:14:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"libpcap-1.9.1-1.fc31\", epoch:\"14\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"14:libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:55:46", "description": "According to the versions of the libpcap package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.(CVE-2019-15165)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.(CVE-2019-15164)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.(CVE-2019-15163)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable.\n This may open up an attack vector involving extra data at the end of a request.(CVE-2019-15161)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.(CVE-2019-15162)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-01-13T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.5.0 : libpcap (EulerOS-SA-2020-1082)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libpcap", "cpe:/o:huawei:euleros:uvp:3.0.5.0"], "id": "EULEROS_SA-2020-1082.NASL", "href": "https://www.tenable.com/plugins/nessus/132836", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132836);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-15161\",\n \"CVE-2019-15162\",\n \"CVE-2019-15163\",\n \"CVE-2019-15164\",\n \"CVE-2019-15165\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.5.0 : libpcap (EulerOS-SA-2020-1082)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libpcap package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - sf-pcapng.c in libpcap before 1.9.1 does not properly\n validate the PHB header length before allocating\n memory.(CVE-2019-15165)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF\n because a URL may be provided as a capture\n source.(CVE-2019-15164)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows\n attackers to cause a denial of service (NULL pointer\n dereference and daemon crash) if a crypt() call\n fails.(CVE-2019-15163)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 mishandles\n certain length values because of reuse of a variable.\n This may open up an attack vector involving extra data\n at the end of a request.(CVE-2019-15161)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows\n platforms provides details about why authentication\n failed, which might make it easier for attackers to\n enumerate valid usernames.(CVE-2019-15162)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1082\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?af3ba3c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libpcap packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.5.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.5.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.5.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libpcap-1.9.1-2.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:39", "description": "An update of the libpcap package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Libpcap PHSA-2019-3.0-0034", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:libpcap", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0034_LIBPCAP.NASL", "href": "https://www.tenable.com/plugins/nessus/130119", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0034. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130119);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\n \"CVE-2019-15161\",\n \"CVE-2019-15162\",\n \"CVE-2019-15163\",\n \"CVE-2019-15164\",\n \"CVE-2019-15165\"\n );\n\n script_name(english:\"Photon OS 3.0: Libpcap PHSA-2019-3.0-0034\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the libpcap package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0034.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libpcap-1.9.1-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libpcap-debuginfo-1.9.1-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"libpcap-devel-1.9.1-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:32:29", "description": "According to the versions of the libpcap package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Libpcap provides a portable framework for low-level network monitoring. Libpcap can provide network statistics collection,security monitoring and network debugging. Since almost every system vendor provides a different interface for packet capture, the libpcap authors created this system-independent API to ease in porting and to alleviate the need for several system-dependent packet capture modules in each application.Install libpcap if you need to do low-level network traffic monitoring on your network.Security Fix(es):rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.(CVE-2019-15161)rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.(CVE-2019-15162)rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.(CVE-2019-15163)rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.(CVE-2019-15164)sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.(CVE-2019-15165)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-11-27T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : libpcap (EulerOS-SA-2019-2286)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libpcap", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2286.NASL", "href": "https://www.tenable.com/plugins/nessus/131352", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131352);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-15161\",\n \"CVE-2019-15162\",\n \"CVE-2019-15163\",\n \"CVE-2019-15164\",\n \"CVE-2019-15165\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : libpcap (EulerOS-SA-2019-2286)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libpcap package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Libpcap provides a portable framework for low-level\n network monitoring. Libpcap can provide network\n statistics collection,security monitoring and network\n debugging. Since almost every system vendor provides a\n different interface for packet capture, the libpcap\n authors created this system-independent API to ease in\n porting and to alleviate the need for several\n system-dependent packet capture modules in each\n application.Install libpcap if you need to do low-level\n network traffic monitoring on your network.Security\n Fix(es):rpcapd/daemon.c in libpcap before 1.9.1\n mishandles certain length values because of reuse of a\n variable. This may open up an attack vector involving\n extra data at the end of a\n request.(CVE-2019-15161)rpcapd/daemon.c in libpcap\n before 1.9.1 on non-Windows platforms provides details\n about why authentication failed, which might make it\n easier for attackers to enumerate valid\n usernames.(CVE-2019-15162)rpcapd/daemon.c in libpcap\n before 1.9.1 allows attackers to cause a denial of\n service (NULL pointer dereference and daemon crash) if\n a crypt() call fails.(CVE-2019-15163)rpcapd/daemon.c in\n libpcap before 1.9.1 allows SSRF because a URL may be\n provided as a capture\n source.(CVE-2019-15164)sf-pcapng.c in libpcap before\n 1.9.1 does not properly validate the PHB header length\n before allocating memory.(CVE-2019-15165)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2286\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5f388d8e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libpcap packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libpcap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"libpcap-1.9.1-1.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:03:01", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2020-1623)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14468", "CVE-2018-14882", "CVE-2019-15166"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1623.NASL", "href": "https://www.tenable.com/plugins/nessus/137465", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137465);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14468\",\n \"CVE-2018-14882\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : tcpdump (EulerOS-SA-2020-1623)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 1 of 2).(CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 2 of 2).(CVE-2018-10105)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\n before 4.9.3 lacks certain bounds\n checks.(CVE-2019-15166)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1623\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6a1b8f13\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.0-5.h180\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T14:59:33", "description": "According to the versions of the tcpdump package installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : tcpdump (EulerOS-SA-2020-1558)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14468", "CVE-2018-14882", "CVE-2019-15166"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1558.NASL", "href": "https://www.tenable.com/plugins/nessus/136261", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136261);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14468\",\n \"CVE-2018-14882\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : tcpdump (EulerOS-SA-2020-1558)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS Virtualization for ARM 64 installation on the remote host is\naffected by the following vulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 2 of 2).(CVE-2018-10105)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 1 of 2).(CVE-2018-10103)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\n before 4.9.3 lacks certain bounds\n checks.(CVE-2019-15166)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1558\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?378fbebc\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.2-3.h3\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:05", "description": "According to the versions of the tcpdump package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-12-23T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2019-2703)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14468", "CVE-2018-14882", "CVE-2019-15166"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:tcpdump", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2019-2703.NASL", "href": "https://www.tenable.com/plugins/nessus/132370", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(132370);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14468\",\n \"CVE-2018-14882\",\n \"CVE-2019-15166\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : tcpdump (EulerOS-SA-2019-2703)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the tcpdump package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 1 of 2).(CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB\n data (issue 2 of 2).(CVE-2018-10105)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c.(CVE-2018-14882)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\n before 4.9.3 lacks certain bounds\n checks.(CVE-2019-15166)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2703\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a912cce4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"tcpdump-4.9.2-3.h3.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"tcpdump\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:33:07", "description": "The remote host is running a version of macOS / Mac OS X that is 10.13.x prior to 10.13.6 Security Update 2019-007, 10.14.x prior to 10.14.6 Security Update 2019-002, or 10.15.x prior to 10.15.2. It is, therefore, affected by multiple vulnerabilities :\n\n - slapd in OpenLDAP before 2.4.30 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via an LDAP search query with attrsOnly set to true, which causes empty attributes to be returned.\n (CVE-2012-1164)\n\n - libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31 and earlier, when using the Mozilla NSS backend, always uses the default cipher suite even when TLSCipherSuite is set, which might cause OpenLDAP to use weaker ciphers than intended and make it easier for remote attackers to obtain sensitive information. (CVE-2012-2668)\n\n - The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier does not properly count references, which allows remote attackers to cause a denial of service (slapd crash) by unbinding immediately after a search request, which triggers rwm_conn_destroy to free the session context while it is being used by rwm_op_search. (CVE-2013-4449)\n\n - The deref_parseCtrl function in servers/slapd/overlays/deref.c in OpenLDAP 2.4.13 through 2.4.40 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via an empty attribute list in a deref control in a search request. (CVE-2015-1545)\n\n - tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c. (CVE-2017-16808)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). (CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().\n (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over- read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). (CVE-2018-14468)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().\n (CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. (CVE-2018-16227)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)\n\n - libpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading. (CVE-2018-16301)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over- reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - An issue was discovered in the server in OpenLDAP before 2.4.48. When the server administrator delegates rootDN (database admin) privileges for certain databases but wants to maintain isolation (e.g., for multi-tenant deployments), slapd does not properly stop a rootDN from requesting authorization as an identity from another database during a SASL bind or with a proxyAuthz (RFC 4370) control. (It is not a common configuration to deploy a system where the server administrator and a DB administrator enjoy different levels of trust.) (CVE-2019-13057)\n\n - An issue was discovered in OpenLDAP 2.x before 2.4.48.\n When using SASL authentication and session encryption, and relying on the SASL security layers in slapd access controls, it is possible to obtain access that would otherwise be denied via a simple bind for any identity covered in those ACLs. After the first SASL bind is completed, the sasl_ssf value is retained for all new non-SASL connections. Depending on the ACL configuration, this can affect different types of operations (searches, modifications, etc.). In other words, a successful authorization step completed by one user affects the authorization requirement for a different user. (CVE-2019-13565)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable.\n This may open up an attack vector involving extra data at the end of a request. (CVE-2019-15161)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames. (CVE-2019-15162)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.\n (CVE-2019-15163)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.\n (CVE-2019-15164)\n\n - sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.\n (CVE-2019-15165)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\n - In libexpat before 2.2.8, crafted XML input could fool the parser into changing from DTD parsing to document parsing too early; a consecutive call to XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber) then resulted in a heap-based buffer over-read.\n (CVE-2019-15903)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported version number.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "nessus", "title": "macOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-1164", "CVE-2012-2668", "CVE-2013-4449", "CVE-2015-1545", "CVE-2017-16808", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14470", "CVE-2018-14879", "CVE-2018-14880", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16227", "CVE-2018-16228", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-13057", "CVE-2019-13565", "CVE-2019-15161", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164", "CVE-2019-15165", "CVE-2019-15166", "CVE-2019-15167", "CVE-2019-15903", "CVE-2019-8828", "CVE-2019-8830", "CVE-2019-8832", "CVE-2019-8833", "CVE-2019-8837", "CVE-2019-8838", "CVE-2019-8839", "CVE-2019-8842", "CVE-2019-8847", "CVE-2019-8848", "CVE-2019-8852", "CVE-2019-8853", "CVE-2019-8856"], "modified": "2022-05-18T00:00:00", "cpe": ["cpe:/o:apple:mac_os_x", "cpe:/o:apple:macos"], "id": "MACOS_HT210788.NASL", "href": "https://www.tenable.com/plugins/nessus/131957", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(131957);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\n \"CVE-2012-1164\",\n \"CVE-2012-2668\",\n \"CVE-2013-4449\",\n \"CVE-2015-1545\",\n \"CVE-2017-16808\",\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14470\",\n \"CVE-2018-14879\",\n \"CVE-2018-14880\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16227\",\n \"CVE-2018-16228\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-8828\",\n \"CVE-2019-8830\",\n \"CVE-2019-8832\",\n \"CVE-2019-8833\",\n \"CVE-2019-8837\",\n \"CVE-2019-8838\",\n \"CVE-2019-8839\",\n \"CVE-2019-8842\",\n \"CVE-2019-8847\",\n \"CVE-2019-8848\",\n \"CVE-2019-8852\",\n \"CVE-2019-8853\",\n \"CVE-2019-8856\",\n \"CVE-2019-13057\",\n \"CVE-2019-13565\",\n \"CVE-2019-15161\",\n \"CVE-2019-15162\",\n \"CVE-2019-15163\",\n \"CVE-2019-15164\",\n \"CVE-2019-15165\",\n \"CVE-2019-15166\",\n \"CVE-2019-15167\",\n \"CVE-2019-15903\"\n );\n script_bugtraq_id(\n 52404,\n 53823,\n 63190,\n 72519\n );\n script_xref(name:\"APPLE-SA\", value:\"HT210788\");\n script_xref(name:\"APPLE-SA\", value:\"APPLE-SA-2019-12-06\");\n\n script_name(english:\"macOS 10.15.x < 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host is missing a macOS update that fixes multiple vulnerabilities\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is running a version of macOS / Mac OS X that is 10.13.x prior\nto 10.13.6 Security Update 2019-007, 10.14.x prior to 10.14.6 Security Update\n2019-002, or 10.15.x prior to 10.15.2. It is, therefore, affected by multiple\nvulnerabilities :\n\n - slapd in OpenLDAP before 2.4.30 allows remote attackers\n to cause a denial of service (assertion failure and\n daemon exit) via an LDAP search query with attrsOnly set\n to true, which causes empty attributes to be returned.\n (CVE-2012-1164)\n\n - libraries/libldap/tls_m.c in OpenLDAP, possibly 2.4.31\n and earlier, when using the Mozilla NSS backend, always\n uses the default cipher suite even when TLSCipherSuite\n is set, which might cause OpenLDAP to use weaker ciphers\n than intended and make it easier for remote attackers to\n obtain sensitive information. (CVE-2012-2668)\n\n - The rwm overlay in OpenLDAP 2.4.23, 2.4.36, and earlier\n does not properly count references, which allows remote\n attackers to cause a denial of service (slapd crash) by\n unbinding immediately after a search request, which\n triggers rwm_conn_destroy to free the session context\n while it is being used by rwm_op_search. (CVE-2013-4449)\n\n - The deref_parseCtrl function in\n servers/slapd/overlays/deref.c in OpenLDAP 2.4.13\n through 2.4.40 allows remote attackers to cause a denial\n of service (NULL pointer dereference and crash) via an\n empty attribute list in a deref control in a search\n request. (CVE-2015-1545)\n\n - tcpdump before 4.9.3 has a heap-based buffer over-read\n related to aoe_print in print-aoe.c and lookup_emem in\n addrtoname.c. (CVE-2017-16808)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data\n (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data\n (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp.c:icmp_print(). (CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-vrrp.c:vrrp_print(). (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-lmp.c:lmp_print_data_link_subobjs().\n (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-\n read in print-rx.c:rx_cache_find() and\n rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-fr.c:mfr_print(). (CVE-2018-14468)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The Babel parser in tcpdump before 4.9.3 has a buffer\n over-read in print-babel.c:babel_print_v2().\n (CVE-2018-14470)\n\n - The command-line argument parser in tcpdump before 4.9.3\n has a buffer overflow in tcpdump.c:get_next_file().\n (CVE-2018-14879)\n\n - The OSPFv3 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-ospf6.c:ospf6_print_lshdr().\n (CVE-2018-14880)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer\n over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.3 has a\n buffer over-read in print-802_11.c for the Mesh Flags\n subfield. (CVE-2018-16227)\n\n - The HNCP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-hncp.c:print_prefix().\n (CVE-2018-16228)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer\n over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack\n consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion. (CVE-2018-16300)\n\n - libpcap before 1.9.1, as used in tcpdump before 4.9.3,\n has a buffer overflow and/or over-read because of errors\n in pcapng reading. (CVE-2018-16301)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-\n reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE\n and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack\n exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - An issue was discovered in the server in OpenLDAP before\n 2.4.48. When the server administrator delegates rootDN\n (database admin) privileges for certain databases but\n wants to maintain isolation (e.g., for multi-tenant\n deployments), slapd does not properly stop a rootDN from\n requesting authorization as an identity from another\n database during a SASL bind or with a proxyAuthz (RFC\n 4370) control. (It is not a common configuration to\n deploy a system where the server administrator and a DB\n administrator enjoy different levels of trust.)\n (CVE-2019-13057)\n\n - An issue was discovered in OpenLDAP 2.x before 2.4.48.\n When using SASL authentication and session encryption,\n and relying on the SASL security layers in slapd access\n controls, it is possible to obtain access that would\n otherwise be denied via a simple bind for any identity\n covered in those ACLs. After the first SASL bind is\n completed, the sasl_ssf value is retained for all new\n non-SASL connections. Depending on the ACL\n configuration, this can affect different types of\n operations (searches, modifications, etc.). In other\n words, a successful authorization step completed by one\n user affects the authorization requirement for a\n different user. (CVE-2019-13565)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 mishandles\n certain length values because of reuse of a variable.\n This may open up an attack vector involving extra data\n at the end of a request. (CVE-2019-15161)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 on non-Windows\n platforms provides details about why authentication\n failed, which might make it easier for attackers to\n enumerate valid usernames. (CVE-2019-15162)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows attackers\n to cause a denial of service (NULL pointer dereference\n and daemon crash) if a crypt() call fails.\n (CVE-2019-15163)\n\n - rpcapd/daemon.c in libpcap before 1.9.1 allows SSRF\n because a URL may be provided as a capture source.\n (CVE-2019-15164)\n\n - sf-pcapng.c in libpcap before 1.9.1 does not properly\n validate the PHB header length before allocating memory.\n (CVE-2019-15165)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump\n before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\n - In libexpat before 2.2.8, crafted XML input could fool\n the parser into changing from DTD parsing to document\n parsing too early; a consecutive call to\n XML_GetCurrentLineNumber (or XML_GetCurrentColumnNumber)\n then resulted in a heap-based buffer over-read.\n (CVE-2019-15903)\n\nNote that Nessus has not tested for this issue but has instead relied only on the operating system's self-reported\nversion number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://support.apple.com/en-us/HT210788\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to macOS 10.15.2 / 10.14.x < 10.14.6 Security Update 2019-002 / 10.13.x < 10.13.6 Security Update 2019-007 or\nlater\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8852\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-10105\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/06/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/12/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:mac_os_x\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:apple:macos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"MacOS X Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"os_fingerprint.nasl\");\n script_require_ports(\"Host/MacOSX/Version\", \"Host/OS\");\n\n exit(0);\n}\n\ninclude('lists.inc');\ninclude('vcf.inc');\ninclude('vcf_extras_apple.inc');\n\napp_info = vcf::apple::macos::get_app_info();\n\nconstraints = [\n { 'min_version' : '10.15', 'fixed_version' : '10.15.2' },\n { 'min_version' : '10.13', 'max_version' : '10.13.6', 'fixed_build': '17G10021', 'fixed_display' : '10.13.6 Security Update 2019-007' },\n { 'min_version' : '10.14', 'max_version' : '10.14.6', 'fixed_build': '18G2022', 'fixed_display' : '10.14.6 Security Update 2019-002' }\n];\nvcf::apple::macos::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:21", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Linux PHSA-2019-3.0-0034", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14821", "CVE-2019-14835", "CVE-2019-15918"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0034_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/130120", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0034. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130120);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2019-14821\", \"CVE-2019-14835\", \"CVE-2019-15918\");\n\n script_name(english:\"Photon OS 3.0: Linux PHSA-2019-3.0-0034\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0034.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15918\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2019-14821\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-api-headers-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-debuginfo-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-devel-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-docs-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-drivers-gpu-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-oprofile-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-aws-sound-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-debuginfo-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-devel-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-docs-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-drivers-gpu-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-drivers-sound-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-debuginfo-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-devel-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-esx-docs-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-oprofile-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-debuginfo-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-devel-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-docs-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-secure-lkcm-4.19.76-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"linux-tools-4.19.76-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:05", "description": "This update for libpcap fixes the following issues :\n\n - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory (bsc#1153332).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libpcap (openSUSE-2019-2343)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15165"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpcap-debugsource", "p-cpe:/a:novell:opensuse:libpcap-devel", "p-cpe:/a:novell:opensuse:libpcap-devel-32bit", "p-cpe:/a:novell:opensuse:libpcap-devel-static", "p-cpe:/a:novell:opensuse:libpcap1", "p-cpe:/a:novell:opensuse:libpcap1-32bit", "p-cpe:/a:novell:opensuse:libpcap1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libpcap1-debuginfo", "cpe:/o:novell:opensuse:15.0"], "id": "OPENSUSE-2019-2343.NASL", "href": "https://www.tenable.com/plugins/nessus/130082", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2343.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(130082);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15165\");\n\n script_name(english:\"openSUSE Security Update : libpcap (openSUSE-2019-2343)\");\n script_summary(english:\"Check for the openSUSE-2019-2343 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for libpcap fixes the following issues :\n\n - CVE-2019-15165: Added sanity checks for PHB header\n length before allocating memory (bsc#1153332).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153332\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libpcap packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-devel-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpcap-debugsource-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpcap-devel-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpcap-devel-static-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpcap1-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"libpcap1-debuginfo-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpcap-devel-32bit-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpcap1-32bit-1.8.1-lp150.3.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", cpu:\"x86_64\", reference:\"libpcap1-32bit-debuginfo-1.8.1-lp150.3.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap-debugsource / libpcap-devel / libpcap-devel-static / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:20", "description": "This update for libpcap fixes the following issues :\n\n - CVE-2019-15165: Added sanity checks for PHB header length before allocating memory (bsc#1153332).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "nessus", "title": "openSUSE Security Update : libpcap (openSUSE-2019-2345)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15165"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:libpcap-debugsource", "p-cpe:/a:novell:opensuse:libpcap-devel", "p-cpe:/a:novell:opensuse:libpcap-devel-32bit", "p-cpe:/a:novell:opensuse:libpcap-devel-static", "p-cpe:/a:novell:opensuse:libpcap1", "p-cpe:/a:novell:opensuse:libpcap1-32bit", "p-cpe:/a:novell:opensuse:libpcap1-32bit-debuginfo", "p-cpe:/a:novell:opensuse:libpcap1-debuginfo", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2019-2345.NASL", "href": "https://www.tenable.com/plugins/nessus/130084", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-2345.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130084);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15165\");\n\n script_name(english:\"openSUSE Security Update : libpcap (openSUSE-2019-2345)\");\n script_summary(english:\"Check for the openSUSE-2019-2345 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for libpcap fixes the following issues :\n\n - CVE-2019-15165: Added sanity checks for PHB header\n length before allocating memory (bsc#1153332).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1153332\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected libpcap packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-devel-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap-devel-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libpcap1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpcap-debugsource-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpcap-devel-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpcap-devel-static-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpcap1-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", reference:\"libpcap1-debuginfo-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpcap-devel-32bit-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpcap1-32bit-1.8.1-lp151.4.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.1\", cpu:\"x86_64\", reference:\"libpcap1-32bit-debuginfo-1.8.1-lp151.4.3.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap-debugsource / libpcap-devel / libpcap-devel-static / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:30:06", "description": "This update for libpcap fixes the following issues :\n\nCVE-2019-15165: Added sanity checks for PHB header length before allocating memory (bsc#1153332).\n\nCVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-16T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 Security Update : libpcap (SUSE-SU-2019:2673-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15165"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpcap-debugsource", "p-cpe:/a:novell:suse_linux:libpcap-devel", "p-cpe:/a:novell:suse_linux:libpcap-devel-static", "p-cpe:/a:novell:suse_linux:libpcap1", "p-cpe:/a:novell:suse_linux:libpcap1-32bit-debuginfo", "p-cpe:/a:novell:suse_linux:libpcap1-debuginfo", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2019-2673-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129965", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2673-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129965);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15165\");\n\n script_name(english:\"SUSE SLED15 / SLES15 Security Update : libpcap (SUSE-SU-2019:2673-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libpcap fixes the following issues :\n\nCVE-2019-15165: Added sanity checks for PHB header length before\nallocating memory (bsc#1153332).\n\nCVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16301/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15165/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192673-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?90b3f2f9\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15-SP1:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-SP1-2019-2673=1\n\nSUSE Linux Enterprise Module for Open Buildservice Development Tools\n15:zypper in -t patch\nSUSE-SLE-Module-Development-Tools-OBS-15-2019-2673=1\n\nSUSE Linux Enterprise Module for Basesystem 15-SP1:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-SP1-2019-2673=1\n\nSUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch\nSUSE-SLE-Module-Basesystem-15-2019-2673=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16301\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap-devel-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap1-32bit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED15 / SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP0/1\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(0|1)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED15 SP0/1\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpcap-devel-32bit-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpcap1-32bit-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpcap1-32bit-debuginfo-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libpcap-debugsource-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libpcap-devel-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libpcap-devel-static-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libpcap1-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"libpcap1-debuginfo-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpcap-debugsource-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpcap-devel-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpcap-devel-static-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpcap1-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"0\", reference:\"libpcap1-debuginfo-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpcap-devel-32bit-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpcap1-32bit-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", cpu:\"x86_64\", reference:\"libpcap1-32bit-debuginfo-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libpcap-debugsource-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libpcap-devel-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libpcap-devel-static-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libpcap1-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"1\", reference:\"libpcap1-debuginfo-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpcap-debugsource-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpcap-devel-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpcap-devel-static-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpcap1-1.8.1-4.3.1\")) flag++;\nif (rpm_check(release:\"SLED15\", sp:\"0\", reference:\"libpcap1-debuginfo-1.8.1-4.3.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:29:58", "description": "This update for libpcap fixes the following issues :\n\nCVE-2019-15165: Added sanity checks for PHB header length before allocating memory (bsc#1153332).\n\nCVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-16T00:00:00", "type": "nessus", "title": "SUSE SLED12 / SLES12 Security Update : libpcap (SUSE-SU-2019:2669-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16301", "CVE-2019-15165"], "modified": "2022-05-18T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:libpcap-debugsource", "p-cpe:/a:novell:suse_linux:libpcap1", "p-cpe:/a:novell:suse_linux:libpcap1-debuginfo", "p-cpe:/a:novell:suse_linux:tcpdump", "p-cpe:/a:novell:suse_linux:tcpdump-debuginfo", "p-cpe:/a:novell:suse_linux:tcpdump-debugsource", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2019-2669-1.NASL", "href": "https://www.tenable.com/plugins/nessus/129964", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:2669-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(129964);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/18\");\n\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15165\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : libpcap (SUSE-SU-2019:2669-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"This update for libpcap fixes the following issues :\n\nCVE-2019-15165: Added sanity checks for PHB header length before\nallocating memory (bsc#1153332).\n\nCVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/show_bug.cgi?id=1153332\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16301/\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15165/\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-20192669-1/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?30c8e71b\");\n script_set_attribute(attribute:\"solution\", value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud Crowbar 8:zypper in -t patch\nSUSE-OpenStack-Cloud-Crowbar-8-2019-2669=1\n\nSUSE OpenStack Cloud 8:zypper in -t patch\nSUSE-OpenStack-Cloud-8-2019-2669=1\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-2669=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP5:zypper in -t patch\nSUSE-SLE-WE-12-SP5-2019-2669=1\n\nSUSE Linux Enterprise Workstation Extension 12-SP4:zypper in -t patch\nSUSE-SLE-WE-12-SP4-2019-2669=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP5:zypper in -t\npatch SUSE-SLE-SDK-12-SP5-2019-2669=1\n\nSUSE Linux Enterprise Software Development Kit 12-SP4:zypper in -t\npatch SUSE-SLE-SDK-12-SP4-2019-2669=1\n\nSUSE Linux Enterprise Server for SAP 12-SP3:zypper in -t patch\nSUSE-SLE-SAP-12-SP3-2019-2669=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-2669=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP5:zypper in -t patch\nSUSE-SLE-SERVER-12-SP5-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP3-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP3-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-BCL-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-2669=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-2669=1\n\nSUSE Linux Enterprise Desktop 12-SP5:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP5-2019-2669=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-2669=1\n\nSUSE Enterprise Storage 5:zypper in -t patch\nSUSE-Storage-5-2019-2669=1\n\nSUSE Enterprise Storage 4:zypper in -t patch\nSUSE-Storage-4-2019-2669=1\n\nHPE Helion Openstack 8:zypper in -t patch\nHPE-Helion-OpenStack-8-2019-2669=1\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-15165\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2018-16301\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libpcap1-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4/5\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(4|5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP4/5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libpcap1-32bit-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"libpcap1-debuginfo-32bit-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"libpcap-debugsource-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"libpcap1-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"libpcap1-32bit-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"libpcap1-debuginfo-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"libpcap1-debuginfo-32bit-1.8.1-10.3.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"tcpdump-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"tcpdump-debuginfo-4.9.2-14.14.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"5\", cpu:\"x86_64\", reference:\"tcpdump-debugsource-4.9.2-14.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libpcap\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:17:35", "description": "The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2021:2191 advisory.\n\n - tcpdump: SMB data printing mishandled (CVE-2018-10103, CVE-2018-10105)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-01T00:00:00", "type": "nessus", "title": "RHEL 8 : tcpdump (RHSA-2021:2191)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_tus:8.2", "p-cpe:/a:redhat:enterprise_linux:tcpdump"], "id": "REDHAT-RHSA-2021-2191.NASL", "href": "https://www.tenable.com/plugins/nessus/150128", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2021:2191. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150128);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\");\n script_xref(name:\"RHSA\", value:\"2021:2191\");\n\n script_name(english:\"RHEL 8 : tcpdump (RHSA-2021:2191)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2021:2191 advisory.\n\n - tcpdump: SMB data printing mishandled (CVE-2018-10103, CVE-2018-10105)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-10103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2018-10105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2021:2191\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760504\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1760505\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-10105\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/06/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:tcpdump\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.2')) audit(AUDIT_OS_NOT, 'Red Hat 8.2', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel8/8.2/x86_64/appstream/debug',\n 'content/aus/rhel8/8.2/x86_64/appstream/os',\n 'content/aus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel8/8.2/x86_64/baseos/debug',\n 'content/aus/rhel8/8.2/x86_64/baseos/os',\n 'content/aus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/debug',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/os',\n 'content/e4s/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/debug',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/os',\n 'content/e4s/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/os',\n 'content/e4s/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/ppc64le/sap/debug',\n 'content/e4s/rhel8/8.2/ppc64le/sap/os',\n 'content/e4s/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/appstream/debug',\n 'content/e4s/rhel8/8.2/x86_64/appstream/os',\n 'content/e4s/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/baseos/debug',\n 'content/e4s/rhel8/8.2/x86_64/baseos/os',\n 'content/e4s/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/debug',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/os',\n 'content/e4s/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel8/8.2/x86_64/sap/debug',\n 'content/e4s/rhel8/8.2/x86_64/sap/os',\n 'content/e4s/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/appstream/debug',\n 'content/eus/rhel8/8.2/aarch64/appstream/os',\n 'content/eus/rhel8/8.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/baseos/debug',\n 'content/eus/rhel8/8.2/aarch64/baseos/os',\n 'content/eus/rhel8/8.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/os',\n 'content/eus/rhel8/8.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/highavailability/debug',\n 'content/eus/rhel8/8.2/aarch64/highavailability/os',\n 'content/eus/rhel8/8.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/aarch64/supplementary/debug',\n 'content/eus/rhel8/8.2/aarch64/supplementary/os',\n 'content/eus/rhel8/8.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/appstream/debug',\n 'content/eus/rhel8/8.2/ppc64le/appstream/os',\n 'content/eus/rhel8/8.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/baseos/debug',\n 'content/eus/rhel8/8.2/ppc64le/baseos/os',\n 'content/eus/rhel8/8.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel8/8.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/debug',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/os',\n 'content/eus/rhel8/8.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel8/8.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel8/8.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/sap/debug',\n 'content/eus/rhel8/8.2/ppc64le/sap/os',\n 'content/eus/rhel8/8.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/debug',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/os',\n 'content/eus/rhel8/8.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/appstream/debug',\n 'content/eus/rhel8/8.2/s390x/appstream/os',\n 'content/eus/rhel8/8.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/baseos/debug',\n 'content/eus/rhel8/8.2/s390x/baseos/os',\n 'content/eus/rhel8/8.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/debug',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/os',\n 'content/eus/rhel8/8.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/highavailability/debug',\n 'content/eus/rhel8/8.2/s390x/highavailability/os',\n 'content/eus/rhel8/8.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/debug',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/os',\n 'content/eus/rhel8/8.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/sap/debug',\n 'content/eus/rhel8/8.2/s390x/sap/os',\n 'content/eus/rhel8/8.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/s390x/supplementary/debug',\n 'content/eus/rhel8/8.2/s390x/supplementary/os',\n 'content/eus/rhel8/8.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/appstream/debug',\n 'content/eus/rhel8/8.2/x86_64/appstream/os',\n 'content/eus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/baseos/debug',\n 'content/eus/rhel8/8.2/x86_64/baseos/os',\n 'content/eus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/os',\n 'content/eus/rhel8/8.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/eus/rhel8/8.2/x86_64/highavailability/os',\n 'content/eus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/os',\n 'content/eus/rhel8/8.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/os',\n 'content/eus/rhel8/8.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/sap/debug',\n 'content/eus/rhel8/8.2/x86_64/sap/os',\n 'content/eus/rhel8/8.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel8/8.2/x86_64/supplementary/debug',\n 'content/eus/rhel8/8.2/x86_64/supplementary/os',\n 'content/eus/rhel8/8.2/x86_64/supplementary/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/appstream/debug',\n 'content/tus/rhel8/8.2/x86_64/appstream/os',\n 'content/tus/rhel8/8.2/x86_64/appstream/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/baseos/debug',\n 'content/tus/rhel8/8.2/x86_64/baseos/os',\n 'content/tus/rhel8/8.2/x86_64/baseos/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/highavailability/debug',\n 'content/tus/rhel8/8.2/x86_64/highavailability/os',\n 'content/tus/rhel8/8.2/x86_64/highavailability/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/nfv/debug',\n 'content/tus/rhel8/8.2/x86_64/nfv/os',\n 'content/tus/rhel8/8.2/x86_64/nfv/source/SRPMS',\n 'content/tus/rhel8/8.2/x86_64/rt/debug',\n 'content/tus/rhel8/8.2/x86_64/rt/os',\n 'content/tus/rhel8/8.2/x86_64/rt/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'tcpdump-4.9.2-7.el8_2', 'sp':'2', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'14'}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var subscription_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in the Red Hat Enterprise Linux\\n' +\n 'Advanced Update Support, Extended Update Support, Telco Extended Update Support or Update Services for SAP Solutions repositories.\\n' +\n 'Access to these repositories requires a paid RHEL subscription.\\n';\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = subscription_caveat + rpm_report_get() + redhat_report_repo_caveat();\n else extra = subscription_caveat + rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:28:36", "description": "An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system. (CVE-2019-14821)\n\nA buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.(CVE-2019-14835)", "cvss3": {}, "published": "2019-09-30T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : kernel (ALAS-2019-1293)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14821", "CVE-2019-14835"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1293.NASL", "href": "https://www.tenable.com/plugins/nessus/129407", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1293.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129407);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-14821\", \"CVE-2019-14835\");\n script_xref(name:\"ALAS\", value:\"2019-1293\");\n\n script_name(english:\"Amazon Linux AMI : kernel (ALAS-2019-1293)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An out-of-bounds access issue was found in the way Linux kernel's KVM\nhypervisor implements the Coalesced MMIO write operation. It operates\non an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein\nwrite indices 'ring->first' and 'ring->last' value could be supplied\nby a host user-space process. An unprivileged host user or process\nwith access to '/dev/kvm' device could use this flaw to crash the host\nkernel, resulting in a denial of service or potentially escalating\nprivileges on the system. (CVE-2019-14821)\n\nA buffer overflow flaw was found in the way Linux kernel's vhost\nfunctionality that translates virtqueue buffers to IOVs, logged the\nbuffer descriptors during migration. A privileged guest user able to\npass descriptors with invalid length to the host when migration is\nunderway, could use this flaw to increase their privileges on the\nhost.(CVE-2019-14835)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1293.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update kernel' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14835\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-i686\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"kernel-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-debuginfo-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"i686\", reference:\"kernel-debuginfo-common-i686-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-devel-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-headers-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-debuginfo-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"kernel-tools-devel-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-4.14.146-93.123.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"perf-debuginfo-4.14.146-93.123.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-i686 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:52", "description": "The 5.2.17 stable kernel update contains a number of important fixes across the tree.\n\n----\n\nThe 5.2.16 stable kernel updates contain a number of important fixes across the tree.\n\n----\n\nThe 5.2.15 stable kernel update contains a number of important fixes across the tree.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2019-10-02T00:00:00", "type": "nessus", "title": "Fedora 29 : kernel / kernel-headers / kernel-tools (2019-a570a92d5a)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14821", "CVE-2019-14835"], "modified": "2019-12-23T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:kernel", "p-cpe:/a:fedoraproject:fedora:kernel-headers", "p-cpe:/a:fedoraproject:fedora:kernel-tools", "cpe:/o:fedoraproject:fedora:29"], "id": "FEDORA_2019-A570A92D5A.NASL", "href": "https://www.tenable.com/plugins/nessus/129512", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-a570a92d5a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129512);\n script_version(\"1.3\");\n script_cvs_date(\"Date: 2019/12/23\");\n\n script_cve_id(\"CVE-2019-14821\", \"CVE-2019-14835\");\n script_xref(name:\"FEDORA\", value:\"2019-a570a92d5a\");\n\n script_name(english:\"Fedora 29 : kernel / kernel-headers / kernel-tools (2019-a570a92d5a)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The 5.2.17 stable kernel update contains a number of important fixes\nacross the tree.\n\n----\n\nThe 5.2.16 stable kernel updates contain a number of important fixes\nacross the tree.\n\n----\n\nThe 5.2.15 stable kernel update contains a number of important fixes\nacross the tree.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-a570a92d5a\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected kernel, kernel-headers and / or kernel-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14835\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:29\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"linux_alt_patch_detect.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\ninclude(\"ksplice.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^29([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 29\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nif (get_one_kb_item(\"Host/ksplice/kernel-cves\"))\n{\n rm_kb_item(name:\"Host/uptrack-uname-r\");\n cve_list = make_list(\"CVE-2019-14821\", \"CVE-2019-14835\");\n if (ksplice_cves_check(cve_list))\n {\n audit(AUDIT_PATCH_INSTALLED, \"KSplice hotfix for FEDORA-2019-a570a92d5a\");\n }\n else\n {\n __rpm_report = ksplice_reporting_text();\n }\n}\n\nflag = 0;\nif (rpm_check(release:\"FC29\", reference:\"kernel-5.2.17-100.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-headers-5.2.17-100.fc29\")) flag++;\nif (rpm_check(release:\"FC29\", reference:\"kernel-tools-5.2.17-100.fc29\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-headers / kernel-tools\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T14:28:53", "description": "An out-of-bounds access issue was found in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.(CVE-2019-14821)\n\nA buffer overflow flaw was found in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.(CVE-2019-14835)", "cvss3": {}, "published": "2019-09-27T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : kernel (ALAS-2019-1293)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14821", "CVE-2019-14835"], "modified": "2022-05-23T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:kernel", "p-cpe:/a:amazon:linux:kernel-debuginfo", "p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64", "p-cpe:/a:amazon:linux:kernel-devel", "p-cpe:/a:amazon:linux:kernel-headers", "p-cpe:/a:amazon:linux:kernel-tools", "p-cpe:/a:amazon:linux:kernel-tools-debuginfo", "p-cpe:/a:amazon:linux:kernel-tools-devel", "p-cpe:/a:amazon:linux:perf", "p-cpe:/a:amazon:linux:perf-debuginfo", "p-cpe:/a:amazon:linux:python-perf", "p-cpe:/a:amazon:linux:python-perf-debuginfo", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2019-1293.NASL", "href": "https://www.tenable.com/plugins/nessus/129392", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2019-1293.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129392);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/23\");\n\n script_cve_id(\"CVE-2019-14821\", \"CVE-2019-14835\");\n script_xref(name:\"ALAS\", value:\"2019-1293\");\n\n script_name(english:\"Amazon Linux 2 : kernel (ALAS-2019-1293)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An out-of-bounds access issue was found in the way Linux kernel's KVM\nhypervisor implements the Coalesced MMIO write operation. It operates\non an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein\nwrite indices 'ring->first' and 'ring->last' value could be supplied\nby a host user-space process. An unprivileged host user or process\nwith access to '/dev/kvm' device could use this flaw to crash the host\nkernel, resulting in a denial of service or potentially escalating\nprivileges on the system.(CVE-2019-14821)\n\nA buffer overflow flaw was found in the way Linux kernel's vhost\nfunctionality that translates virtqueue buffers to IOVs, logged the\nbuffer descriptors during migration. A privileged guest user able to\npass descriptors with invalid length to the host when migration is\nunderway, could use this flaw to increase their privileges on the\nhost.(CVE-2019-14835)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2019-1293.html\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Run 'yum update kernel' and reboot the instance to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-14835\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-debuginfo-common-x86_64\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-headers\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:kernel-tools-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:python-perf-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/27\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-debuginfo-common-x86_64-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-devel-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"kernel-headers-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-debuginfo-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"kernel-tools-devel-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"perf-debuginfo-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-4.14.146-119.123.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", cpu:\"x86_64\", reference:\"python-perf-debuginfo-4.14.146-119.123.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"kernel / kernel-debuginfo / kernel-debuginfo-common-x86_64 / etc\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:31:18", "description": "An update of the rsyslog package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Rsyslog PHSA-2019-2.0-0182", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17040"], "modified": "2019-12-17T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:rsyslog", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2019-2_0-0182_RSYSLOG.NASL", "href": "https://www.tenable.com/plugins/nessus/130116", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-2.0-0182. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130116);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-17040\");\n\n script_name(english:\"Photon OS 2.0: Rsyslog PHSA-2019-2.0-0182\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the rsyslog package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-182.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17040\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"rsyslog-8.1907.0-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"rsyslog-debuginfo-8.1907.0-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T14:30:39", "description": "An update of the rsyslog package has been released.", "cvss3": {}, "published": "2019-10-22T00:00:00", "type": "nessus", "title": "Photon OS 3.0: Rsyslog PHSA-2019-3.0-0034", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-17040"], "modified": "2019-12-17T00:00:00", "cpe": ["cpe:/o:vmware:photonos:3.0", "p-cpe:/a:vmware:photonos:rsyslog"], "id": "PHOTONOS_PHSA-2019-3_0-0034_RSYSLOG.NASL", "href": "https://www.tenable.com/plugins/nessus/130121", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0034. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(130121);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/17\");\n\n script_cve_id(\"CVE-2019-17040\");\n\n script_name(english:\"Photon OS 3.0: Rsyslog PHSA-2019-3.0-0034\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the rsyslog package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0034.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-17040\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/10/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:rsyslog\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"rsyslog-8.1907.0-2.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"rsyslog-debuginfo-8.1907.0-2.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rsyslog\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:30:19", "description": "The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2019:14191-1 advisory.\n\n - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().\n (CVE-2017-12893)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in addrtoname.c:lookup_bytestring(). (CVE-2017-12894)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().\n (CVE-2017-12896)\n\n - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().\n (CVE-2017-12897)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().\n (CVE-2017-12898)\n\n - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().\n (CVE-2017-12899)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util- print.c:tok2strbuf(). (CVE-2017-12900)\n\n - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().\n (CVE-2017-12901)\n\n - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.\n (CVE-2017-12902)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().\n (CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().\n (CVE-2017-12986, CVE-2017-13725)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().\n (CVE-2017-12987, CVE-2017-13008)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().\n (CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().\n (CVE-2017-12991)\n\n - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().\n (CVE-2017-12992)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several functions. (CVE-2017-12993)\n\n - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print- domain.c:ns_print(). (CVE-2017-12995)\n\n - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().\n (CVE-2017-12996)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().\n (CVE-2017-12999)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().\n (CVE-2017-13001)\n\n - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().\n (CVE-2017-13002)\n\n - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print- juniper.c:juniper_parse_header(). (CVE-2017-13004)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().\n (CVE-2017-13005)\n\n - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.\n (CVE-2017-13006)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_print(). (CVE-2017-13009)\n\n - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().\n (CVE-2017-13010)\n\n - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2017-13012)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.\n (CVE-2017-13013)\n\n - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(), several functions. (CVE-2017-13014)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().\n (CVE-2017-13016, CVE-2017-13047)\n\n - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().\n (CVE-2017-13017)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018, CVE-2017-13019, CVE-2017-13034)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().\n (CVE-2017-13021)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().\n (CVE-2017-13022)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print- mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().\n (CVE-2017-13027)\n\n - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().\n (CVE-2017-13028)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().\n (CVE-2017-13029)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.\n (CVE-2017-13030)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print- frag6.c:frag6_print(). (CVE-2017-13031)\n\n - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().\n (CVE-2017-13032)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().\n (CVE-2017-13035)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().\n (CVE-2017-13036)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().\n (CVE-2017-13038)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().\n (CVE-2017-13041)\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2017-13048, CVE-2017-13051)\n\n - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().\n (CVE-2017-13049)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().\n (CVE-2017-13053)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print- isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)\n\n - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().\n (CVE-2017-13687)\n\n - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().\n (CVE-2017-13688)\n\n - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().\n (CVE-2017-13689)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print- lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. (CVE-2018-16300)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2018-16301)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2021-06-10T00:00:00", "type": "nessus", "title": "SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2017-12893", "CVE-2017-12894", "CVE-2017-12896", "CVE-2017-12897", "CVE-2017-12898", "CVE-2017-12899", "CVE-2017-12900", "CVE-2017-12901", "CVE-2017-12902", "CVE-2017-12985", "CVE-2017-12986", "CVE-2017-12987", "CVE-2017-12988", "CVE-2017-12991", "CVE-2017-12992", "CVE-2017-12993", "CVE-2017-12995", "CVE-2017-12996", "CVE-2017-12998", "CVE-2017-12999", "CVE-2017-13001", "CVE-2017-13002", "CVE-2017-13003", "CVE-2017-13004", "CVE-2017-13005", "CVE-2017-13006", "CVE-2017-13008", "CVE-2017-13009", "CVE-2017-13010", "CVE-2017-13012", "CVE-2017-13013", "CVE-2017-13014", "CVE-2017-13016", "CVE-2017-13017", "CVE-2017-13018", "CVE-2017-13019", "CVE-2017-13021", "CVE-2017-13022", "CVE-2017-13023", "CVE-2017-13024", "CVE-2017-13025", "CVE-2017-13027", "CVE-2017-13028", "CVE-2017-13029", "CVE-2017-13030", "CVE-2017-13031", "CVE-2017-13032", "CVE-2017-13034", "CVE-2017-13035", "CVE-2017-13036", "CVE-2017-13037", "CVE-2017-13038", "CVE-2017-13041", "CVE-2017-13047", "CVE-2017-13048", "CVE-2017-13049", "CVE-2017-13051", "CVE-2017-13053", "CVE-2017-13055", "CVE-2017-13687", "CVE-2017-13688", "CVE-2017-13689", "CVE-2017-13725", "CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-14463", "CVE-2018-14464", "CVE-2018-14465", "CVE-2018-14466", "CVE-2018-14467", "CVE-2018-14468", "CVE-2018-14469", "CVE-2018-14881", "CVE-2018-14882", "CVE-2018-16229", "CVE-2018-16230", "CVE-2018-16300", "CVE-2018-16301", "CVE-2018-16451", "CVE-2018-16452", "CVE-2019-15166"], "modified": "2021-06-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:tcpdump", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_SU-2019-14191-1.NASL", "href": "https://www.tenable.com/plugins/nessus/150563", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2019:14191-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(150563);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/10\");\n\n script_cve_id(\n \"CVE-2017-12893\",\n \"CVE-2017-12894\",\n \"CVE-2017-12896\",\n \"CVE-2017-12897\",\n \"CVE-2017-12898\",\n \"CVE-2017-12899\",\n \"CVE-2017-12900\",\n \"CVE-2017-12901\",\n \"CVE-2017-12902\",\n \"CVE-2017-12985\",\n \"CVE-2017-12986\",\n \"CVE-2017-12987\",\n \"CVE-2017-12988\",\n \"CVE-2017-12991\",\n \"CVE-2017-12992\",\n \"CVE-2017-12993\",\n \"CVE-2017-12995\",\n \"CVE-2017-12996\",\n \"CVE-2017-12998\",\n \"CVE-2017-12999\",\n \"CVE-2017-13001\",\n \"CVE-2017-13002\",\n \"CVE-2017-13003\",\n \"CVE-2017-13004\",\n \"CVE-2017-13005\",\n \"CVE-2017-13006\",\n \"CVE-2017-13008\",\n \"CVE-2017-13009\",\n \"CVE-2017-13010\",\n \"CVE-2017-13012\",\n \"CVE-2017-13013\",\n \"CVE-2017-13014\",\n \"CVE-2017-13016\",\n \"CVE-2017-13017\",\n \"CVE-2017-13018\",\n \"CVE-2017-13019\",\n \"CVE-2017-13021\",\n \"CVE-2017-13022\",\n \"CVE-2017-13023\",\n \"CVE-2017-13024\",\n \"CVE-2017-13025\",\n \"CVE-2017-13027\",\n \"CVE-2017-13028\",\n \"CVE-2017-13029\",\n \"CVE-2017-13030\",\n \"CVE-2017-13031\",\n \"CVE-2017-13032\",\n \"CVE-2017-13034\",\n \"CVE-2017-13035\",\n \"CVE-2017-13036\",\n \"CVE-2017-13037\",\n \"CVE-2017-13038\",\n \"CVE-2017-13041\",\n \"CVE-2017-13047\",\n \"CVE-2017-13048\",\n \"CVE-2017-13049\",\n \"CVE-2017-13051\",\n \"CVE-2017-13053\",\n \"CVE-2017-13055\",\n \"CVE-2017-13687\",\n \"CVE-2017-13688\",\n \"CVE-2017-13689\",\n \"CVE-2017-13725\",\n \"CVE-2018-10103\",\n \"CVE-2018-10105\",\n \"CVE-2018-14461\",\n \"CVE-2018-14462\",\n \"CVE-2018-14463\",\n \"CVE-2018-14464\",\n \"CVE-2018-14465\",\n \"CVE-2018-14466\",\n \"CVE-2018-14467\",\n \"CVE-2018-14468\",\n \"CVE-2018-14469\",\n \"CVE-2018-14881\",\n \"CVE-2018-14882\",\n \"CVE-2018-16229\",\n \"CVE-2018-16230\",\n \"CVE-2018-16300\",\n \"CVE-2018-16301\",\n \"CVE-2018-16451\",\n \"CVE-2018-16452\",\n \"CVE-2019-15166\"\n );\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2019:14191-1\");\n\n script_name(english:\"SUSE SLES11 Security Update : tcpdump (SUSE-SU-2019:14191-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2019:14191-1 advisory.\n\n - The SMB/CIFS parser in tcpdump before 4.9.2 has a buffer over-read in smbutil.c:name_len().\n (CVE-2017-12893)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in\n addrtoname.c:lookup_bytestring(). (CVE-2017-12894)\n\n - The ISAKMP parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:isakmp_rfc3948_print().\n (CVE-2017-12896)\n\n - The ISO CLNS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isoclns_print().\n (CVE-2017-12897)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:interp_reply().\n (CVE-2017-12898)\n\n - The DECnet parser in tcpdump before 4.9.2 has a buffer over-read in print-decnet.c:decnet_print().\n (CVE-2017-12899)\n\n - Several protocol parsers in tcpdump before 4.9.2 could cause a buffer over-read in util-\n print.c:tok2strbuf(). (CVE-2017-12900)\n\n - The EIGRP parser in tcpdump before 4.9.2 has a buffer over-read in print-eigrp.c:eigrp_print().\n (CVE-2017-12901)\n\n - The Zephyr parser in tcpdump before 4.9.2 has a buffer over-read in print-zephyr.c, several functions.\n (CVE-2017-12902)\n\n - The IPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-ip6.c:ip6_print().\n (CVE-2017-12985)\n\n - The IPv6 routing header parser in tcpdump before 4.9.2 has a buffer over-read in print-rt6.c:rt6_print().\n (CVE-2017-12986, CVE-2017-13725)\n\n - The IEEE 802.11 parser in tcpdump before 4.9.2 has a buffer over-read in print-802_11.c:parse_elements().\n (CVE-2017-12987, CVE-2017-13008)\n\n - The telnet parser in tcpdump before 4.9.2 has a buffer over-read in print-telnet.c:telnet_parse().\n (CVE-2017-12988)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:bgp_attr_print().\n (CVE-2017-12991)\n\n - The RIPng parser in tcpdump before 4.9.2 has a buffer over-read in print-ripng.c:ripng_print().\n (CVE-2017-12992)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-juniper.c, several\n functions. (CVE-2017-12993)\n\n - The DNS parser in tcpdump before 4.9.2 could enter an infinite loop due to a bug in print-\n domain.c:ns_print(). (CVE-2017-12995)\n\n - The PIMv2 parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c:pimv2_print().\n (CVE-2017-12996)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-\n isoclns.c:isis_print_extd_ip_reach(). (CVE-2017-12998)\n\n - The IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print().\n (CVE-2017-12999)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:nfs_printfh().\n (CVE-2017-13001)\n\n - The AODV parser in tcpdump before 4.9.2 has a buffer over-read in print-aodv.c:aodv_extension().\n (CVE-2017-13002)\n\n - The LMP parser in tcpdump before 4.9.2 has a buffer over-read in print-lmp.c:lmp_print(). (CVE-2017-13003)\n\n - The Juniper protocols parser in tcpdump before 4.9.2 has a buffer over-read in print-\n juniper.c:juniper_parse_header(). (CVE-2017-13004)\n\n - The NFS parser in tcpdump before 4.9.2 has a buffer over-read in print-nfs.c:xid_map_enter().\n (CVE-2017-13005)\n\n - The L2TP parser in tcpdump before 4.9.2 has a buffer over-read in print-l2tp.c, several functions.\n (CVE-2017-13006)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-\n mobility.c:mobility_print(). (CVE-2017-13009)\n\n - The BEEP parser in tcpdump before 4.9.2 has a buffer over-read in print-beep.c:l_strnstart().\n (CVE-2017-13010)\n\n - The ICMP parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2017-13012)\n\n - The ARP parser in tcpdump before 4.9.2 has a buffer over-read in print-arp.c, several functions.\n (CVE-2017-13013)\n\n - The White Board protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-wb.c:wb_prep(),\n several functions. (CVE-2017-13014)\n\n - The ISO ES-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:esis_print().\n (CVE-2017-13016, CVE-2017-13047)\n\n - The DHCPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-dhcp6.c:dhcp6opt_print().\n (CVE-2017-13017)\n\n - The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). (CVE-2017-13018,\n CVE-2017-13019, CVE-2017-13034)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print().\n (CVE-2017-13021)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute().\n (CVE-2017-13022)\n\n - The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-\n mobility.c:mobility_opt_print(). (CVE-2017-13023, CVE-2017-13024, CVE-2017-13025)\n\n - The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print().\n (CVE-2017-13027)\n\n - The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print().\n (CVE-2017-13028)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:print_ccp_config_options().\n (CVE-2017-13029)\n\n - The PIM parser in tcpdump before 4.9.2 has a buffer over-read in print-pim.c, several functions.\n (CVE-2017-13030)\n\n - The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-\n frag6.c:frag6_print(). (CVE-2017-13031)\n\n - The RADIUS parser in tcpdump before 4.9.2 has a buffer over-read in print-radius.c:print_attr_string().\n (CVE-2017-13032)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id().\n (CVE-2017-13035)\n\n - The OSPFv3 parser in tcpdump before 4.9.2 has a buffer over-read in print-ospf6.c:ospf6_decode_v3().\n (CVE-2017-13036)\n\n - The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). (CVE-2017-13037)\n\n - The PPP parser in tcpdump before 4.9.2 has a buffer over-read in print-ppp.c:handle_mlppp().\n (CVE-2017-13038)\n\n - The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_nodeinfo_print().\n (CVE-2017-13041)\n\n - The RSVP parser in tcpdump before 4.9.2 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2017-13048, CVE-2017-13051)\n\n - The Rx protocol parser in tcpdump before 4.9.2 has a buffer over-read in print-rx.c:ubik_print().\n (CVE-2017-13049)\n\n - The BGP parser in tcpdump before 4.9.2 has a buffer over-read in print-bgp.c:decode_rt_routing_info().\n (CVE-2017-13053)\n\n - The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-\n isoclns.c:isis_print_is_reach_subtlv(). (CVE-2017-13055)\n\n - The Cisco HDLC parser in tcpdump before 4.9.2 has a buffer over-read in print-chdlc.c:chdlc_print().\n (CVE-2017-13687)\n\n - The OLSR parser in tcpdump before 4.9.2 has a buffer over-read in print-olsr.c:olsr_print().\n (CVE-2017-13688)\n\n - The IKEv1 parser in tcpdump before 4.9.2 has a buffer over-read in print-isakmp.c:ikev1_id_print().\n (CVE-2017-13689)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2). (CVE-2018-10103)\n\n - tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2). (CVE-2018-10105)\n\n - The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().\n (CVE-2018-14461)\n\n - The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().\n (CVE-2018-14462)\n\n - The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().\n (CVE-2018-14463)\n\n - The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-\n lmp.c:lmp_print_data_link_subobjs(). (CVE-2018-14464)\n\n - The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().\n (CVE-2018-14465)\n\n - The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and\n rx_cache_insert(). (CVE-2018-14466)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_MP). (CVE-2018-14467)\n\n - The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().\n (CVE-2018-14468)\n\n - The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().\n (CVE-2018-14469)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print()\n (BGP_CAPCODE_RESTART). (CVE-2018-14881)\n\n - The ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c. (CVE-2018-14882)\n\n - The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().\n (CVE-2018-16229)\n\n - The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print()\n (MP_REACH_NLRI). (CVE-2018-16230)\n\n - The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of\n unlimited recursion. (CVE-2018-16300)\n\n - ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by\n its CNA. Further investigation showed that it was not a security issue. Notes: none. (CVE-2018-16301)\n\n - The SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for\n \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN. (CVE-2018-16451)\n\n - The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.\n (CVE-2018-16452)\n\n - lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.\n (CVE-2019-15166)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1057247\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1153098\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1153332\");\n # https://www.suse.com/support/update/announcement/2019/suse-su-201914191-1.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e03f0e89\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12893\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12894\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12896\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12897\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12898\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12899\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12900\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12901\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12902\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12985\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12986\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12987\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12988\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12991\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12992\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12993\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12995\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12996\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12998\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-12999\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13001\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13002\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13003\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13004\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13005\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13006\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13008\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13009\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13013\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13014\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13016\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13017\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13018\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13019\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13021\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13022\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13023\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13024\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13025\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13027\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13028\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13029\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13030\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13031\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13032\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13034\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13035\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13036\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13037\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13038\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13041\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13047\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13048\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13049\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13051\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13053\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13055\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13687\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13688\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13689\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2017-13725\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10103\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-10105\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14461\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14463\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14464\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14465\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14466\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14467\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14468\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14469\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14881\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-14882\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16229\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16230\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16300\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16301\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16451\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2018-16452\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-15166\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected tcpdump package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16301\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2017/09/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/10/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/06/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:tcpdump\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES11', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\npkgs = [\n {'reference':'tcpdump-3.9.8-1.30.13', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-11.4'},\n {'reference':'tcpdump-3.9.8-1.30.13', 'sp':'4', 'release':'SLES11', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-11.4'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n exists_check = NULL;\n rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release && exists_check) {\n if (rpm_exists(release:release, rpm:exists_check) && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n else if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'tcpdump');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:00:55", "description": "An update of the linux package has been released.", "cvss3": {}, "published": "2020-05-07T00:00:00", "type": "nessus", "title": "Photon OS 2.0: Linux PHSA-2020-2.0-0239", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-19319"], "modified": "2020-06-04T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:linux", "cpe:/o:vmware:photonos:2.0"], "id": "PHOTONOS_PHSA-2020-2_0-0239_LINUX.NASL", "href": "https://www.tenable.com/plugins/nessus/136407", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2020-2.0-0239. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136407);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/06/04\");\n\n script_cve_id(\"CVE-2019-19319\");\n\n script_name(english:\"Photon OS 2.0: Linux PHSA-2020-2.0-0239\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the linux package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-2-239.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-19319\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/27\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 2.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", reference:\"linux-api-headers-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-debuginfo-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-devel-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-docs-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-drivers-gpu-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-oprofile-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-aws-sound-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-debuginfo-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-devel-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-docs-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-drivers-gpu-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-esx-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-esx-debuginfo-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-esx-devel-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-esx-docs-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-oprofile-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-debuginfo-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-devel-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-docs-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-secure-lkcm-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-sound-4.9.221-1.ph2\")) flag++;\nif (rpm_check(release:\"PhotonOS-2.0\", cpu:\"x86_64\", reference:\"linux-tools-4.9.221-1.ph2\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"linux\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-18T15:04:01", "description": "The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). (CVE-2018-14468)\n\nImpact\n\nWhen tcpdump is activeand configured to parse FRF.16 traffic, certain traffic patterns may trigger a crash or other unexpected behavior of the tcpdump process.", "cvss3": {}, "published": "2020-07-09T00:00:00", "type": "nessus", "title": "F5 Networks BIG-IP : FRF.16 parser vulnerability (K04367730)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-14468"], "modified": "2021-06-03T00:00:00", "cpe": ["cpe:/a:f5:big-ip_access_policy_manager", "cpe:/a:f5:big-ip_advanced_firewall_manager", "cpe:/a:f5:big-ip_application_acceleration_manager", "cpe:/a:f5:big-ip_application_security_manager", "cpe:/a:f5:big-ip_application_visibility_and_reporting", "cpe:/a:f5:big-ip_global_traffic_manager", "cpe:/a:f5:big-ip_link_controller", "cpe:/a:f5:big-ip_local_traffic_manager", "cpe:/a:f5:big-ip_policy_enforcement_manager", "cpe:/a:f5:big-ip_webaccelerator", "cpe:/h:f5:big-ip"], "id": "F5_BIGIP_SOL04367730.NASL", "href": "https://www.tenable.com/plugins/nessus/138228", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K04367730.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(138228);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/06/03\");\n\n script_cve_id(\"CVE-2018-14468\");\n\n script_name(english:\"F5 Networks BIG-IP : FRF.16 parser vulnerability (K04367730)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in\nprint-fr.c:mfr_print(). (CVE-2018-14468)\n\nImpact\n\nWhen tcpdump is activeand configured to parse FRF.16 traffic, certain\ntraffic patterns may trigger a crash or other unexpected behavior of\nthe tcpdump process.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K04367730\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K04367730.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_advanced_firewall_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_acceleration_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_security_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_application_visibility_and_reporting\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_global_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_link_controller\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_local_traffic_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_policy_enforcement_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_webaccelerator\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/10/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K04367730\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# AFM\nvmatrix[\"AFM\"] = make_array();\nvmatrix[\"AFM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"AFM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# AM\nvmatrix[\"AM\"] = make_array();\nvmatrix[\"AM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"AM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# ASM\nvmatrix[\"ASM\"] = make_array();\nvmatrix[\"ASM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"ASM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# AVR\nvmatrix[\"AVR\"] = make_array();\nvmatrix[\"AVR\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"AVR\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# GTM\nvmatrix[\"GTM\"] = make_array();\nvmatrix[\"GTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"GTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# LC\nvmatrix[\"LC\"] = make_array();\nvmatrix[\"LC\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"LC\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# LTM\nvmatrix[\"LTM\"] = make_array();\nvmatrix[\"LTM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"LTM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# PEM\nvmatrix[\"PEM\"] = make_array();\nvmatrix[\"PEM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"PEM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n# WAM\nvmatrix[\"WAM\"] = make_array();\nvmatrix[\"WAM\"][\"affected\" ] = make_list(\"15.0.0-15.1.2\",\"14.0.0-14.1.3\",\"13.1.0-13.1.4\",\"12.1.0-12.1.6\",\"11.6.0-11.6.5\");\nvmatrix[\"WAM\"][\"unaffected\"] = make_list(\"16.0.0\",\"15.1.3\",\"14.1.3.1\",\"13.1.4.1\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running any of the affected modules\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}], "openvas": [{"lastseen": "2020-01-21T14:51:20", "description": "tcpdump is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "openvas", "title": "tcpdump < 4.9.3 Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-14467", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14882", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2018-14881"], "modified": "2020-01-21T00:00:00", "id": "OPENVAS:1361412562310113543", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310113543", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.113543\");\n script_version(\"2020-01-21T07:42:39+0000\");\n script_tag(name:\"last_modification\", value:\"2020-01-21 07:42:39 +0000 (Tue, 21 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-21 15:35:17 +0000 (Mon, 21 Oct 2019)\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n\n script_tag(name:\"qod_type\", value:\"executable_version_unreliable\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_cve_id(\"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n\n script_name(\"tcpdump < 4.9.3 Multiple Vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Buffer overflow\");\n script_dependencies(\"gb_tcpdump_ssh_detect.nasl\");\n script_mandatory_keys(\"tcpdump/detected\");\n\n script_tag(name:\"summary\", value:\"tcpdump is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"There are buffer over-read vulnerabilities in the following modules:\n\n print-ldp.c:ldp_tlv_print(), print_icmp.c:icmp_print(), print_vrrp.c:vrrp_print(),\n print_lmp.c:lmp_print_data_link_subobjs(), print_rsvp.c:rsvp_obj_print(),\n print-rx.c:rx_cache_find(), print-rx.c:rx_cache_insert(),\n print-bgp.c:bgp_capabilities_print(), print-fr.c:mfr_print(), print-isakkmp.c:ikev1_n_print(),\n print_babel.c:babel_print_v2(), print-ospf6.c:ospf6_print_lshdr(), print-icmp6.c,\n print-802_11.c, print-hncp.c:print_prefix(), print-dccp.c:dccp_print_option(),\n print_bgp.c:bgp_attr_print(), print-smb.c:print_trans()\n\n There is a buffer overflow vulnerability in tcpdump.c:get_next_file().\n\n There is a stack consumption vulnerability in print-bgp.c:bgp_attr_print().\n\n There is a stack exhaustion vulnerability in smbutil.c:smb_fdata().\n\n print_lmp.c:lmp_print_data_link_subobjs() lacks bounds checks.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation would allow an attacker to read sensitive information\n or execute arbitrary code on the target machine.\");\n\n script_tag(name:\"affected\", value:\"tcpdump through version 4.9.2.\");\n\n script_tag(name:\"solution\", value:\"Update to version 4.9.3.\");\n\n script_xref(name:\"URL\", value:\"https://www.tcpdump.org/tcpdump-changes.txt\");\n\n exit(0);\n}\n\nCPE = \"cpe:/a:tcpdump:tcpdump\";\n\ninclude( \"host_details.inc\" );\ninclude( \"version_func.inc\" );\n\nif( ! infos = get_app_version_and_location( cpe: CPE, exit_no_version: TRUE ) ) exit( 0 );\nversion = infos[\"version\"];\nlocation = infos[\"location\"];\n\nif( version_is_less( version: version, test_version: \"4.9.3\" ) ) {\n report = report_fixed_ver( installed_version: version, fixed_version: \"4.9.3\", install_path: location );\n security_message( data: report, port: 0 );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T19:27:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-12T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for tcpdump (DLA-1955-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14882", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2018-14881"], "modified": "2020-01-29T00:00:00", "id": "OPENVAS:1361412562310891955", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310891955", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.891955\");\n script_version(\"2020-01-29T08:22:52+0000\");\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-29 08:22:52 +0000 (Wed, 29 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-12 02:00:27 +0000 (Sat, 12 Oct 2019)\");\n script_name(\"Debian LTS: Security Advisory for tcpdump (DLA-1955-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2019/10/msg00015.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-1955-1\");\n script_xref(name:\"URL\", value:\"https://bugs.debian.org/941698\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the DLA-1955-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in tcpdump, a\ncommand-line network traffic analyzer. These security vulnerabilities\nmight result in denial of service or, potentially, execution of\narbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', these problems have been fixed in version\n4.9.3-1~deb8u1.\n\nWe recommend that you upgrade your tcpdump packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.3-1~deb8u1\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-10-23T14:51:01", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-23T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 4547-1 (tcpdump - security update)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14882", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2018-14881"], "modified": "2019-10-23T00:00:00", "id": "OPENVAS:1361412562310704547", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704547", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704547\");\n script_version(\"2019-10-23T02:00:33+0000\");\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-23 02:00:33 +0000 (Wed, 23 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-23 02:00:33 +0000 (Wed, 23 Oct 2019)\");\n script_name(\"Debian Security Advisory DSA 4547-1 (tcpdump - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4547.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4547-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the DSA-4547-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities have been discovered in tcpdump, a command-line\nnetwork traffic analyzer. These vulnerabilities might result in denial of\nservice or, potentially, execution of arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 4.9.3-1~deb9u1.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 4.9.3-1~deb10u1.\n\nWe recommend that you upgrade your tcpdump packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.3-1~deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.3-1~deb9u1\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-17T17:01:49", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1437)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14882", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2018-14881"], "modified": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201437", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201437", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1437\");\n script_version(\"2020-04-16T05:52:58+0000\");\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:52:58 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:52:58 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1437)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1437\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1437\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2020-1437 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\n\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\n\n\nThe FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\n\n\nThe ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\n\n\nlmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\n\n\nThe LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\n\n\nThe ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\n\n\nThe VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\n\n\nThe LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-14464)\n\n\n\nThe RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\n\n\nThe Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\n\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\n\n\nThe IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\n\n\nThe Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\n\n\nThe command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\n\n\nThe OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\n\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\n\n\nThe IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\n\n\nThe DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\n\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\n\n\nThe BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\n\n\nThe SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROW ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.0~5.h179\", rls:\"EULEROS-2.0SP3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-05T16:57:41", "description": "This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.", "cvss3": {}, "published": "2019-12-12T00:00:00", "type": "openvas", "title": "Apple MacOSX Security Updates(HT210788)-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2019-15161", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2019-15165", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2019-15162", "CVE-2018-16227", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15163", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881", "CVE-2019-15164"], "modified": "2020-03-04T00:00:00", "id": "OPENVAS:1361412562310815874", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310815874", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.815874\");\n script_version(\"2020-03-04T09:29:37+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\",\n \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\",\n \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\",\n \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\",\n \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\",\n \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\",\n \"CVE-2018-16452\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\",\n \"CVE-2019-15164\", \"CVE-2019-15165\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-03-04 09:29:37 +0000 (Wed, 04 Mar 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-12-12 11:00:05 +0530 (Thu, 12 Dec 2019)\");\n script_name(\"Apple MacOSX Security Updates(HT210788)-01\");\n\n script_tag(name:\"summary\", value:\"This host is installed with Apple Mac OS X\n and is prone to multiple vulnerabilities.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is\n present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple flaws exists due to,\n\n - A validation issue related to improper input sanitization.\n\n - An API issue existed in the handling of outgoing phone calls initiated with\n Siri.\n\n - An issue existed related to improper checks.\n\n - A buffer overflow issue related to improper bounds checking.\n\n - An out-of-bounds read error related to improper input validation.\n\n - An issue existed in the parsing of crafted XML file.\n\n - Multiple issues in OpenLDAP.\n\n - Multiple issues in tcpdump.\n\n - Multiple memory corruption issues related to improper memory handling.\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation allows attackers to\n read restricted memory, execute arbitrary code, conduct denial of service\n attack and disclosure of user information.\");\n\n script_tag(name:\"affected\", value:\"Apple Mac OS X versions 10.15.x prior to 10.15.2.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Apple Mac OS X 10.15.2 or later.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_xref(name:\"URL\", value:\"https://support.apple.com/en-us/HT210788\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Mac OS X Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/osx_name\", \"ssh/login/osx_version\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"ssh_func.inc\");\n\nosName = get_kb_item(\"ssh/login/osx_name\");\nif(!osName)\n exit(0);\n\nosVer = get_kb_item(\"ssh/login/osx_version\");\nif(!osVer || osVer !~ \"^10\\.15\" || \"Mac OS X\" >!< osName)\n exit(0);\n\nif(version_is_less(version:osVer, test_version:\"10.15.2\")) {\n report = report_fixed_ver(installed_version:osVer, fixed_version:\"10.15.2\");\n security_message(port:0, data:report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:32", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2551)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-14467", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2018-14464", "CVE-2018-14881"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192551", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192551", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2551\");\n script_version(\"2020-01-23T13:05:14+0000\");\n script_cve_id(\"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-16227\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\");\n script_tag(name:\"cvss_base\", value:\"5.1\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:H/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:05:14 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:05:14 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2551)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2551\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2551\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2019-2551 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\nThe ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\nThe VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\nThe LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-14464)\n\nThe RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\nThe Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\nThe IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\nThe Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\nThe command-line argument parser in tcpdump before 4.9.3 has a buffer overflow in tcpdump.c:get_next_file().(CVE-2018-14879)\n\nThe OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\nThe IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\nThe DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\nThe BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\nThe SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\nThe SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.2~3.h2.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.1, "vector": "AV:N/AC:H/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:30:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tcpdump (openSUSE-SU-2019:2348-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852829", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852829", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852829\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\",\n \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\",\n \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\",\n \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\",\n \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\",\n \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\",\n \"CVE-2018-16452\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:33:43 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for tcpdump (openSUSE-SU-2019:2348-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2348-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00053.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the openSUSE-SU-2019:2348-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tcpdump fixes the following issues:\n\n - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print\n and lookup_emem (bsc#1068716 bsc#1153098).\n\n - CVE-2018-10103: Fixed a mishandling of the printing of SMB data\n (bsc#1153098).\n\n - CVE-2018-10105: Fixed a mishandling of the printing of SMB data\n (bsc#1153098).\n\n - CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print\n (bsc#1153098).\n\n - CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print\n (bsc#1153098).\n\n - CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print\n (bsc#1153098).\n\n - CVE-2018-14464: Fixed a buffer over-read in\n print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print\n (bsc#1153098).\n\n - CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find\n (bsc#1153098).\n\n - CVE-2018-14467: Fixed a buffer over-read in\n print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\n - CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print\n (bsc#1153098).\n\n - CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print\n (bsc#1153098).\n\n - CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2\n (bsc#1153098).\n\n - CVE-2018-14879: Fixed a buffer overflow in the command-line argument\n parser (bsc#1153098).\n\n - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser\n (bsc#1153098).\n\n - CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n\n - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser\n (bsc#1153098).\n\n - CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in\n print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n\n - CVE-2018-16228: Fixed a buffer over-read in the HNCP parser\n (bsc#1153098).\n\n - CVE-2018-16229: Fixed a buffer over-read in the DCCP parser\n (bsc#1153098).\n\n - CVE-2018-16230: Fixed a buffer over-read in the BGP parser in\n print-bgp.c:bgp_attr_print (bsc#1153098).\n\n - CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that\n allowed denial-of-service by stack consumption (bsc#1153098).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n\n - CVE-2018-16451: Fixed several buffer over-reads in\n print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN\n (bsc#1153098).\n\n - CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata\n (bsc#1153098).\n\n - CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs\n (bsc#1153098).\n\n - CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\n This update was importe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.2~lp151.4.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump-debuginfo\", rpm:\"tcpdump-debuginfo~4.9.2~lp151.4.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump-debugsource\", rpm:\"tcpdump-debugsource~4.9.2~lp151.4.6.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:36:00", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2305)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19519", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2018-14881"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192305", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192305", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2305\");\n script_version(\"2020-01-23T12:45:59+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:45:59 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:45:59 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2305)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2305\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2305\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2019-2305 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.(CVE-2017-16808)\n\nThe FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\nThe IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print().(CVE-2018-14469)\n\nThe Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2().(CVE-2018-14470)\n\nThe Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert().(CVE-2018-14466)\n\nThe LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print().(CVE-2018-14461)\n\nThe ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print().(CVE-2018-14462)\n\nThe RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print().(CVE-2018-14465)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_RESTART).(CVE-2018-14881)\n\nThe LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs().(CVE-2018-14464)\n\nThe VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\nThe OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\nThe SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\nThe ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\nThe IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\nThe DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\nlibpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading.(CVE-2018-16301)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\nThe SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(C ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.3~1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-06T12:10:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Fedora Update for tcpdump FEDORA-2019-d06bc63433", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19519", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876949", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876949", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876949\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14466\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14465\", \"CVE-2018-14881\", \"CVE-2018-14464\", \"CVE-2018-14463\", \"CVE-2018-14467\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14880\", \"CVE-2018-16451\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16229\", \"CVE-2018-16301\", \"CVE-2018-16230\", \"CVE-2018-16452\", \"CVE-2018-16300\", \"CVE-2018-16228\", \"CVE-2019-15166\", \"CVE-2019-15167\", \"CVE-2018-19519\", \"CVE-2018-14879\", \"CVE-2019-1010220\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 03:35:05 +0000 (Wed, 30 Oct 2019)\");\n script_name(\"Fedora Update for tcpdump FEDORA-2019-d06bc63433\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-d06bc63433\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FNYXF3IY2X65IOD422SA6EQUULSGW7FN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the FEDORA-2019-d06bc63433 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tcpdump is a command-line tool for monitoring network traffic.\nTcpdump can capture and display the packet headers on a particular\nnetwork interface or on all interfaces. Tcpdump can display all of\nthe packet headers, or just the ones that match particular criteria.\n\nInstall tcpdump if you need a program to monitor network traffic.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.3~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-31T16:48:30", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for tcpdump (openSUSE-SU-2019:2344-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852744", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852744", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852744\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-21 02:00:39 +0000 (Mon, 21 Oct 2019)\");\n script_name(\"openSUSE: Security Advisory for tcpdump (openSUSE-SU-2019:2344-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2344-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00050.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the openSUSE-SU-2019:2344-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for tcpdump fixes the following issues:\n\n - CVE-2017-16808: Fixed a heap-based buffer over-read related to aoe_print\n and lookup_emem (bsc#1068716 bsc#1153098).\n\n - CVE-2018-10103: Fixed a mishandling of the printing of SMB data\n (bsc#1153098).\n\n - CVE-2018-10105: Fixed a mishandling of the printing of SMB data\n (bsc#1153098).\n\n - CVE-2018-14461: Fixed a buffer over-read in print-ldp.c:ldp_tlv_print\n (bsc#1153098).\n\n - CVE-2018-14462: Fixed a buffer over-read in print-icmp.c:icmp_print\n (bsc#1153098).\n\n - CVE-2018-14463: Fixed a buffer over-read in print-vrrp.c:vrrp_print\n (bsc#1153098).\n\n - CVE-2018-14464: Fixed a buffer over-read in\n print-lmp.c:lmp_print_data_link_subobjs (bsc#1153098).\n\n - CVE-2018-14465: Fixed a buffer over-read in print-rsvp.c:rsvp_obj_print\n (bsc#1153098).\n\n - CVE-2018-14466: Fixed a buffer over-read in print-rx.c:rx_cache_find\n (bsc#1153098).\n\n - CVE-2018-14467: Fixed a buffer over-read in\n print-bgp.c:bgp_capabilities_print (bsc#1153098).\n\n - CVE-2018-14468: Fixed a buffer over-read in print-fr.c:mfr_print\n (bsc#1153098).\n\n - CVE-2018-14469: Fixed a buffer over-read in print-isakmp.c:ikev1_n_print\n (bsc#1153098).\n\n - CVE-2018-14470: Fixed a buffer over-read in print-babel.c:babel_print_v2\n (bsc#1153098).\n\n - CVE-2018-14879: Fixed a buffer overflow in the command-line argument\n parser (bsc#1153098).\n\n - CVE-2018-14880: Fixed a buffer over-read in the OSPFv3 parser\n (bsc#1153098).\n\n - CVE-2018-14881: Fixed a buffer over-read in the BGP parser (bsc#1153098).\n\n - CVE-2018-14882: Fixed a buffer over-read in the ICMPv6 parser\n (bsc#1153098).\n\n - CVE-2018-16227: Fixed a buffer over-read in the IEEE 802.11 parser in\n print-802_11.c for the Mesh Flags subfield (bsc#1153098).\n\n - CVE-2018-16228: Fixed a buffer over-read in the HNCP parser\n (bsc#1153098).\n\n - CVE-2018-16229: Fixed a buffer over-read in the DCCP parser\n (bsc#1153098).\n\n - CVE-2018-16230: Fixed a buffer over-read in the BGP parser in\n print-bgp.c:bgp_attr_print (bsc#1153098).\n\n - CVE-2018-16300: Fixed an unlimited recursion in the BGP parser that\n allowed denial-of-service by stack consumption (bsc#1153098).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332 bsc#1153098).\n\n - CVE-2018-16451: Fixed several buffer over-reads in\n print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN\n (bsc#1153098).\n\n - CVE-2018-16452: Fixed a stack exhaustion in smbutil.c:smb_fdata\n (bsc#1153098).\n\n - CVE-2019-15166: Fixed a bounds check in lmp_print_data_link_subobjs\n (bsc#1153098).\n\n - CVE-2019-15167: Fixed a vulnerability in VRRP (bsc#1153098).\n\n This update was importe ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.2~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump-debuginfo\", rpm:\"tcpdump-debuginfo~4.9.2~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump-debugsource\", rpm:\"tcpdump-debugsource~4.9.2~lp150.10.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-14T14:48:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for tcpdump FEDORA-2019-6db0d5b9d9", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19519", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877172", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877172", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877172\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14466\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14465\", \"CVE-2018-14881\", \"CVE-2018-14464\", \"CVE-2018-14463\", \"CVE-2018-14467\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14880\", \"CVE-2018-16451\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16229\", \"CVE-2018-16301\", \"CVE-2018-16230\", \"CVE-2018-16452\", \"CVE-2018-16300\", \"CVE-2018-16228\", \"CVE-2019-15166\", \"CVE-2019-15167\", \"CVE-2018-19519\", \"CVE-2018-14879\", \"CVE-2019-1010220\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:30:10 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for tcpdump FEDORA-2019-6db0d5b9d9\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-6db0d5b9d9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/62XY42U6HY3H2APR5EHNWCZ7SAQNMMJN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the FEDORA-2019-6db0d5b9d9 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tcpdump is a command-line tool for monitoring network traffic.\nTcpdump can capture and display the packet headers on a particular\nnetwork interface or on all interfaces. Tcpdump can display all of\nthe packet headers, or just the ones that match particular criteria.\n\nInstall tcpdump if you need a program to monitor network traffic.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.3~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-11-06T12:10:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-26T00:00:00", "type": "openvas", "title": "Fedora Update for tcpdump FEDORA-2019-85d92df70f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19519", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876932", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876932", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876932\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14466\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14465\", \"CVE-2018-14881\", \"CVE-2018-14464\", \"CVE-2018-14463\", \"CVE-2018-14467\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14880\", \"CVE-2018-16451\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16229\", \"CVE-2018-16301\", \"CVE-2018-16230\", \"CVE-2018-16452\", \"CVE-2018-16300\", \"CVE-2018-16228\", \"CVE-2019-15166\", \"CVE-2019-15167\", \"CVE-2018-19519\", \"CVE-2018-14879\", \"CVE-2019-1010220\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-26 02:27:03 +0000 (Sat, 26 Oct 2019)\");\n script_name(\"Fedora Update for tcpdump FEDORA-2019-85d92df70f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-85d92df70f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R2UDPOSGVJQIYC33SQBXMDXHH4QDSDMU\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the FEDORA-2019-85d92df70f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Tcpdump is a command-line tool for monitoring network traffic.\nTcpdump can capture and display the packet headers on a particular\nnetwork interface or on all interfaces. Tcpdump can display all of\nthe packet headers, or just the ones that match particular criteria.\n\nInstall tcpdump if you need a program to monitor network traffic.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.3~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-29T18:43:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-28T00:00:00", "type": "openvas", "title": "Ubuntu: Security Advisory for tcpdump (USN-4252-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19519", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-14879", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2020-01-28T00:00:00", "id": "OPENVAS:1361412562310844311", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844311", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844311\");\n script_version(\"2020-01-28T10:45:23+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14879\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-28 10:45:23 +0000 (Tue, 28 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-28 04:00:26 +0000 (Tue, 28 Jan 2020)\");\n script_name(\"Ubuntu: Security Advisory for tcpdump (USN-4252-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU18\\.04 LTS|UBUNTU16\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4252-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-January/005292.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'tcpdump'\n package(s) announced via the USN-4252-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple security issues were discovered in tcpdump. A remote attacker\ncould use these issues to cause tcpdump to crash, resulting in a denial of\nservice, or possibly execute arbitrary code.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.3-0ubuntu0.18.04.1\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU16.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"tcpdump\", ver:\"4.9.3-0ubuntu0.16.04.1\", rls:\"UBUNTU16.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:34:03", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1072)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-19519", "CVE-2018-16300", "CVE-2018-14463", "CVE-2018-14469", "CVE-2018-10103", "CVE-2018-14467", "CVE-2018-10105", "CVE-2018-16229", "CVE-2018-16452", "CVE-2018-14466", "CVE-2018-14470", "CVE-2018-14880", "CVE-2018-16301", "CVE-2018-14882", "CVE-2017-16808", "CVE-2018-16451", "CVE-2018-16227", "CVE-2019-1010220", "CVE-2018-14468", "CVE-2018-16228", "CVE-2018-14461", "CVE-2018-14462", "CVE-2018-16230", "CVE-2018-14465", "CVE-2019-15166", "CVE-2018-14464", "CVE-2019-15167", "CVE-2018-14881"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201072", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201072", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1072\");\n script_version(\"2020-01-23T15:42:05+0000\");\n script_cve_id(\"CVE-2017-16808\", \"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14461\", \"CVE-2018-14462\", \"CVE-2018-14463\", \"CVE-2018-14464\", \"CVE-2018-14465\", \"CVE-2018-14466\", \"CVE-2018-14467\", \"CVE-2018-14468\", \"CVE-2018-14469\", \"CVE-2018-14470\", \"CVE-2018-14880\", \"CVE-2018-14881\", \"CVE-2018-14882\", \"CVE-2018-16227\", \"CVE-2018-16228\", \"CVE-2018-16229\", \"CVE-2018-16230\", \"CVE-2018-16300\", \"CVE-2018-16301\", \"CVE-2018-16451\", \"CVE-2018-16452\", \"CVE-2018-19519\", \"CVE-2019-1010220\", \"CVE-2019-15166\", \"CVE-2019-15167\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 15:42:05 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:18:58 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1072)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1072\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1072\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2020-1072 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"tcpdump.org tcpdump 4.9.2 is affected by: CWE-126: Buffer Over-read. The impact is: May expose Saved Frame Pointer, Return Address etc. on stack. The component is: line 234:'ND_PRINT((ndo, '%s', buf)), ', in function named 'print_prefix', in 'print-hncp.c'. The attack vector is: The victim must open a specially crafted pcap file.(CVE-2019-1010220)\n\nIn tcpdump 4.9.2, a stack-based buffer over-read exists in the print_prefix function of print-hncp.c via crafted packet data because of missing initialization.(CVE-2018-19519)\n\nThis candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.(CVE-2019-15167)\n\nlmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\nThe HNCP parser in tcpdump before 4.9.3 has a buffer over-read in print-hncp.c:print_prefix().(CVE-2018-16228)\n\nThe BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion.(CVE-2018-16300)\n\nThe SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion.(CVE-2018-16452)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_attr_print() (MP_REACH_NLRI).(CVE-2018-16230)\n\nlibpcap before 1.9.1, as used in tcpdump before 4.9.3, has a buffer overflow and/or over-read because of errors in pcapng reading.(CVE-2018-16301)\n\nThe DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option().(CVE-2018-16229)\n\nThe IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield.(CVE-2018-16227)\n\nThe ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\nThe SMB parser in tcpdump before 4.9.3 has buffer over-reads in print-smb.c:print_trans() for \\MAILSLOT\\BROWSE and \\PIPE\\LANMAN.(CVE-2018-16451)\n\nThe OSPFv3 parser in tcpdump before 4.9.3 has a buffer over-read in print-ospf6.c:ospf6_print_lshdr().(CVE-2018-14880)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\nThe BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP).(CVE-2018-14467)\n\nThe VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print().(CVE-2018-14463)\n\nThe LMP parser in tcpdump before 4.9.3 has a ...\n\n Description truncated. Please see the references for more information.\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.3~1.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-06T13:27:55", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Fedora Update for libpcap FEDORA-2019-b92ce3144a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15165", "CVE-2018-16301", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876951", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876951\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 03:35:34 +0000 (Wed, 30 Oct 2019)\");\n script_name(\"Fedora Update for libpcap FEDORA-2019-b92ce3144a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-b92ce3144a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GBIEKWLNIR62KZ5GA7EDXZS52HU6OE5F\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpcap'\n package(s) announced via the FEDORA-2019-b92ce3144a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Libpcap provides a portable framework for low-level network\nmonitoring. Libpcap can provide network statistics collection,\nsecurity monitoring and network debugging. Since almost every system\nvendor provides a different interface for packet capture, the libpcap\nauthors created this system-independent API to ease in porting and to\nalleviate the need for several system-dependent packet capture modules\nin each application.\n\nInstall libpcap if you need to do low-level network traffic monitoring\non your network.\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap\", rpm:\"libpcap~1.9.1~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-06T13:24:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-30T00:00:00", "type": "openvas", "title": "Fedora Update for libpcap FEDORA-2019-eaa681d33e", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15165", "CVE-2018-16301", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164"], "modified": "2019-10-30T00:00:00", "id": "OPENVAS:1361412562310876952", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876952", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876952\");\n script_version(\"2019-10-30T10:03:24+0000\");\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-10-30 10:03:24 +0000 (Wed, 30 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-30 03:35:40 +0000 (Wed, 30 Oct 2019)\");\n script_name(\"Fedora Update for libpcap FEDORA-2019-eaa681d33e\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-eaa681d33e\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5P5K3DQ4TFSZBDB3XN4CZNJNQ3UIF3D3\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpcap'\n package(s) announced via the FEDORA-2019-eaa681d33e advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Libpcap provides a portable framework for low-level network\nmonitoring. Libpcap can provide network statistics collection,\nsecurity monitoring and network debugging. Since almost every system\nvendor provides a different interface for packet capture, the libpcap\nauthors created this system-independent API to ease in porting and to\nalleviate the need for several system-dependent packet capture modules\nin each application.\n\nInstall libpcap if you need to do low-level network traffic monitoring\non your network.\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap\", rpm:\"libpcap~1.9.1~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-06T16:42:10", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "Fedora Update for libpcap FEDORA-2019-4fe461079f", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15165", "CVE-2018-16301", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164"], "modified": "2020-01-13T00:00:00", "id": "OPENVAS:1361412562310877288", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877288", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877288\");\n script_version(\"2020-01-13T11:49:13+0000\");\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-13 11:49:13 +0000 (Mon, 13 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 07:36:08 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"Fedora Update for libpcap FEDORA-2019-4fe461079f\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC31\");\n\n script_xref(name:\"FEDORA\", value:\"2019-4fe461079f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UZTIPUWABYUE5KQOLCKAW65AUUSB7QO6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpcap'\n package(s) announced via the FEDORA-2019-4fe461079f advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Libpcap provides a portable framework for low-level network\nmonitoring. Libpcap can provide network statistics collection,\nsecurity monitoring and network debugging. Since almost every system\nvendor provides a different interface for packet capture, the libpcap\nauthors created this system-independent API to ease in porting and to\nalleviate the need for several system-dependent packet capture modules\nin each application.\n\nInstall libpcap if you need to do low-level network traffic monitoring\non your network.\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on Fedora 31.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC31\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap\", rpm:\"libpcap~1.9.1~1.fc31\", rls:\"FC31\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:37:27", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libpcap (EulerOS-SA-2020-1082)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15165", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220201082", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201082", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1082\");\n script_version(\"2020-01-23T13:19:51+0000\");\n script_cve_id(\"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:19:51 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:19:51 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libpcap (EulerOS-SA-2020-1082)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.5\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1082\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1082\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libpcap' package(s) announced via the EulerOS-SA-2020-1082 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"sf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.(CVE-2019-15165)\n\nrpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.(CVE-2019-15164)\n\nrpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.(CVE-2019-15163)\n\nrpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.(CVE-2019-15161)\n\nrpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.(CVE-2019-15162)\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.5.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.5.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap\", rpm:\"libpcap~1.9.1~2.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.5.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-01-27T18:36:55", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for libpcap (EulerOS-SA-2019-2286)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15161", "CVE-2019-15165", "CVE-2019-15162", "CVE-2019-15163", "CVE-2019-15164"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192286", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192286", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2286\");\n script_version(\"2020-01-23T12:45:31+0000\");\n script_cve_id(\"CVE-2019-15161\", \"CVE-2019-15162\", \"CVE-2019-15163\", \"CVE-2019-15164\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:45:31 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:45:31 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for libpcap (EulerOS-SA-2019-2286)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2286\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2286\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'libpcap' package(s) announced via the EulerOS-SA-2019-2286 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"rpcapd/daemon.c in libpcap before 1.9.1 mishandles certain length values because of reuse of a variable. This may open up an attack vector involving extra data at the end of a request.(CVE-2019-15161)\n\nrpcapd/daemon.c in libpcap before 1.9.1 on non-Windows platforms provides details about why authentication failed, which might make it easier for attackers to enumerate valid usernames.(CVE-2019-15162)\n\nrpcapd/daemon.c in libpcap before 1.9.1 allows attackers to cause a denial of service (NULL pointer dereference and daemon crash) if a crypt() call fails.(CVE-2019-15163)\n\nrpcapd/daemon.c in libpcap before 1.9.1 allows SSRF because a URL may be provided as a capture source.(CVE-2019-15164)\n\nsf-pcapng.c in libpcap before 1.9.1 does not properly validate the PHB header length before allocating memory.(CVE-2019-15165)\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap\", rpm:\"libpcap~1.9.1~1.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-06-17T15:46:42", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1623)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14882", "CVE-2018-14468", "CVE-2019-15166"], "modified": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201623", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201623", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1623\");\n script_version(\"2020-06-16T05:47:05+0000\");\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14468\", \"CVE-2018-14882\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:47:05 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:47:05 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1623)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1623\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1623\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2020-1623 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\nThe ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\nlmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\n\nThe FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.0~5.h180\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-01-27T18:35:46", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2703)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14882", "CVE-2018-14468", "CVE-2019-15166"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192703", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192703", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2703\");\n script_version(\"2020-01-23T13:14:50+0000\");\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14468\", \"CVE-2018-14882\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 13:14:50 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 13:14:50 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2019-2703)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2703\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2703\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2019-2703 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\nThe FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\nThe ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\nlmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.2~3.h3.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-06T01:07:03", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-04-30T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1558)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2018-10103", "CVE-2018-10105", "CVE-2018-14882", "CVE-2018-14468", "CVE-2019-15166"], "modified": "2020-04-30T00:00:00", "id": "OPENVAS:1361412562311220201558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201558", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1558\");\n script_version(\"2020-04-30T12:13:36+0000\");\n script_cve_id(\"CVE-2018-10103\", \"CVE-2018-10105\", \"CVE-2018-14468\", \"CVE-2018-14882\", \"CVE-2019-15166\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-30 12:13:36 +0000 (Thu, 30 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-30 12:13:36 +0000 (Thu, 30 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for tcpdump (EulerOS-SA-2020-1558)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1558\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1558\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'tcpdump' package(s) announced via the EulerOS-SA-2020-1558 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).(CVE-2018-10105)\n\ntcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).(CVE-2018-10103)\n\nThe FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print().(CVE-2018-14468)\n\nThe ICMPv6 parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp6.c.(CVE-2018-14882)\n\nlmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks.(CVE-2019-15166)\");\n\n script_tag(name:\"affected\", value:\"'tcpdump' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"tcpdump\", rpm:\"tcpdump~4.9.2~3.h3\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-03-06T16:36:57", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-01-09T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libpcap (openSUSE-SU-2019:2345-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15165", "CVE-2018-16301"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852939", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852939", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852939\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:46:44 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for libpcap (openSUSE-SU-2019:2345-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2345-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00051.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpcap'\n package(s) announced via the openSUSE-SU-2019:2345-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libpcap fixes the following issues:\n\n - CVE-2019-15165: Added sanity checks for PHB header length before\n allocating memory (bsc#1153332).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2345=1\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-debugsource\", rpm:\"libpcap-debugsource~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-devel-static\", rpm:\"libpcap-devel-static~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1\", rpm:\"libpcap1~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1-debuginfo\", rpm:\"libpcap1-debuginfo~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-devel-32bit\", rpm:\"libpcap-devel-32bit~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1-32bit\", rpm:\"libpcap1-32bit~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1-32bit-debuginfo\", rpm:\"libpcap1-32bit-debuginfo~1.8.1~lp151.4.3.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2020-03-06T17:03:43", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-21T00:00:00", "type": "openvas", "title": "openSUSE: Security Advisory for libpcap (openSUSE-SU-2019:2343-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15165", "CVE-2018-16301"], "modified": "2020-01-31T00:00:00", "id": "OPENVAS:1361412562310852746", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852746", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852746\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2018-16301\", \"CVE-2019-15165\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-10-21 02:01:01 +0000 (Mon, 21 Oct 2019)\");\n script_name(\"openSUSE: Security Advisory for libpcap (openSUSE-SU-2019:2343-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2343-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-10/msg00052.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'libpcap'\n package(s) announced via the openSUSE-SU-2019:2343-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for libpcap fixes the following issues:\n\n - CVE-2019-15165: Added sanity checks for PHB header length before\n allocating memory (bsc#1153332).\n\n - CVE-2018-16301: Fixed a buffer overflow (bsc#1153332).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2343=1\");\n\n script_tag(name:\"affected\", value:\"'libpcap' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-debugsource\", rpm:\"libpcap-debugsource~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-devel\", rpm:\"libpcap-devel~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-devel-static\", rpm:\"libpcap-devel-static~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1\", rpm:\"libpcap1~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1-debuginfo\", rpm:\"libpcap1-debuginfo~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap-devel-32bit\", rpm:\"libpcap-devel-32bit~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1-32bit\", rpm:\"libpcap1-32bit~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libpcap1-32bit-debuginfo\", rpm:\"libpcap1-32bit-debuginfo~1.8.1~lp150.3.3.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-10-04T18:39:33", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-tools FEDORA-2019-a570a92d5a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14835", "CVE-2019-14821"], "modified": "2019-10-04T00:00:00", "id": "OPENVAS:1361412562310876870", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876870", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876870\");\n script_version(\"2019-10-04T07:25:00+0000\");\n script_cve_id(\"CVE-2019-14821\", \"CVE-2019-14835\");\n script_tag(name:\"cvss_base\", value:\"7.2\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-10-04 07:25:00 +0000 (Fri, 04 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-04 02:29:01 +0000 (Fri, 04 Oct 2019)\");\n script_name(\"Fedora Update for kernel-tools FEDORA-2019-a570a92d5a\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-a570a92d5a\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3HCXGZLD73M3LRUPE66DQ3CRFZK4QL5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'kernel-tools'\n package(s) announced via the FEDORA-2019-a570a92d5a advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This package contains the tools/ directory from the kernel source\nand the supporting documentation.\");\n\n script_tag(name:\"affected\", value:\"'kernel-tools' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"kernel-tools\", rpm:\"kernel-tools~5.2.17~100.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-10-04T18:40:50", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2019-10-04T00:00:00", "type": "openvas", "title": "Fedora Update for kernel-headers FEDORA-2019-a570a92d5a", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-14835", "CVE-2019-14821"], "modified": "2019-10-04T00:00:00", "id": "OPENVAS:1361412562310876868", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876868", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876868\");\n script_version(\"2019-10-04T07:25:00+0000\");\n script_cve_id(\"CVE-2019-14821\", \"CVE-2019-14835\");\n script_tag(na
Critical Photon OS Security Update - PHSA-2019-0034
