(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2

2013-08-29T00:00:00

Description

Red Hat JBoss Fuse 6.0.0, based on Apache ServiceMix, provides an integration platform. Red Hat JBoss Fuse 6.0.0 patch 2 is an update to Red Hat JBoss Fuse 6.0.0 and includes bug fixes. Refer to the readme file included with the patch files for information about these fixes. The following security issues are also resolved with this update: A flaw was found in the logging performed during deserialization of the BrokerFactory class in Apache OpenJPA. A remote attacker able to supply a serialized instance of the BrokerFactory class, which will be deserialized on a server, could use this flaw to write an executable file to the server's file system. (CVE-2013-1768) A flaw in JRuby's JSON gem allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. (CVE-2013-0269) It was discovered that JRuby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially-crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821) Note: Red Hat JBoss Fuse 6.0.0 ships JRuby as part of the camel-ruby component, which allows users to define Camel routes in Ruby. The default use of JRuby in Red Hat JBoss Fuse 6.0.0 does not appear to expose either CVE-2013-0269 or CVE-2013-1821. If the version of JRuby shipped with Red Hat JBoss Fuse 6.0.0 was used to build a custom application, then these flaws could be exposed. Multiple denial of service flaws were found in the way the Apache CXF StAX parser implementation processed certain XML files. If a web service utilized the StAX parser, a remote attacker could provide a specially-crafted XML file that, when processed, would lead to excessive CPU and memory consumption. (CVE-2013-2160) Red Hat would like to thank Ruby on Rails upstream for reporting CVE-2013-0269, and Andreas Falkenberg of SEC Consult Deutschland GmbH, and Christian Mainka, Juraj Somorovsky and Joerg Schwenk of Ruhr-University Bochum for reporting CVE-2013-2160. Upstream acknowledges Thomas Hollstegge of Zweitag and Ben Murphy as the original reporters of CVE-2013-0269. All users of Red Hat JBoss Fuse 6.0 as provided from the Red Hat Customer Portal are advised to apply this patch.

{"id": "RHSA-2013:1185", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2", "description": "Red Hat JBoss Fuse 6.0.0, based on Apache ServiceMix, provides an\nintegration platform.\n\nRed Hat JBoss Fuse 6.0.0 patch 2 is an update to Red Hat JBoss Fuse 6.0.0\nand includes bug fixes. Refer to the readme file included with the patch\nfiles for information about these fixes.\n\nThe following security issues are also resolved with this update:\n\nA flaw was found in the logging performed during deserialization of the\nBrokerFactory class in Apache OpenJPA. A remote attacker able to supply a\nserialized instance of the BrokerFactory class, which will be deserialized\non a server, could use this flaw to write an executable file to the\nserver's file system. (CVE-2013-1768)\n\nA flaw in JRuby's JSON gem allowed remote attacks by creating different\ntypes of malicious objects. For example, it could initiate a denial of\nservice attack through resource consumption by using a JSON document to\ncreate arbitrary Ruby symbols, which were never garbage collected. It could\nalso be exploited to create internal objects which could allow a SQL\ninjection attack. (CVE-2013-0269)\n\nIt was discovered that JRuby's REXML library did not properly restrict XML\nentity expansion. An attacker could use this flaw to cause a denial of\nservice by tricking a Ruby application using REXML to read text nodes from\nspecially-crafted XML content, which will result in REXML consuming large\namounts of system memory. (CVE-2013-1821)\n\nNote: Red Hat JBoss Fuse 6.0.0 ships JRuby as part of the camel-ruby\ncomponent, which allows users to define Camel routes in Ruby. The default\nuse of JRuby in Red Hat JBoss Fuse 6.0.0 does not appear to expose either\nCVE-2013-0269 or CVE-2013-1821. If the version of JRuby shipped with Red\nHat JBoss Fuse 6.0.0 was used to build a custom application, then these\nflaws could be exposed.\n\nMultiple denial of service flaws were found in the way the Apache CXF StAX\nparser implementation processed certain XML files. If a web service\nutilized the StAX parser, a remote attacker could provide a\nspecially-crafted XML file that, when processed, would lead to excessive\nCPU and memory consumption. (CVE-2013-2160)\n\nRed Hat would like to thank Ruby on Rails upstream for reporting\nCVE-2013-0269, and Andreas Falkenberg of SEC Consult Deutschland GmbH, and\nChristian Mainka, Juraj Somorovsky and Joerg Schwenk of Ruhr-University\nBochum for reporting CVE-2013-2160. Upstream acknowledges Thomas Hollstegge\nof Zweitag and Ben Murphy as the original reporters of CVE-2013-0269.\n\nAll users of Red Hat JBoss Fuse 6.0 as provided from the Red Hat Customer\nPortal are advised to apply this patch.\n", "published": "2013-08-29T00:00:00", "modified": "2019-03-22T19:43:52", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false}, "cvss3": {}, "href": "https://access.redhat.com/errata/RHSA-2013:1185", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2013-0269", "CVE-2013-1768", "CVE-2013-1821", "CVE-2013-2160"], "immutableFields": [], "lastseen": "2021-10-19T20:36:13", "viewCount": 8, "enchantments": {"score": {"value": 1.3, "vector": "NONE"}, "dependencies": {"references": [{"type": "alpinelinux", "idList": ["ALPINE:CVE-2020-10663"]}, {"type": "amazon", "idList": ["ALAS-2013-173", "ALAS-2013-195", "ALAS-2020-1416", "ALAS-2020-1422", "ALAS-2020-1423", "ALAS-2020-1426", "ALAS-2021-1641", "ALAS2-2021-1641"]}, {"type": "centos", "idList": ["CESA-2013:0611", "CESA-2013:0612"]}, {"type": "cve", "idList": ["CVE-2013-0269", "CVE-2013-1768", "CVE-2013-1821", "CVE-2013-2160", "CVE-2014-8090", "CVE-2020-10663"]}, {"type": "debian", "idList": ["DEBIAN:DLA-215-1:65755", "DEBIAN:DLA-2192-1:E4FCE", "DEBIAN:DLA-2192-1:FD86A", "DEBIAN:DLA-263-1:BBAC7", "DEBIAN:DSA-2738-1:29A41", "DEBIAN:DSA-2809-1:4D0F8", "DEBIAN:DSA-2809-1:8D55D"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2013-0269", "DEBIANCVE:CVE-2013-1768", "DEBIANCVE:CVE-2020-10663"]}, {"type": "exploitdb", "idList": ["EDB-ID:26710"]}, {"type": "exploitpack", "idList": ["EXPLOITPACK:F68D9F2A41FD5F5B291BE3C9A076C77F"]}, {"type": "f5", "idList": ["F5:K15580", "SOL15580"]}, {"type": "fedora", "idList": ["FEDORA:0AD6620F7A", "FEDORA:3E33620F8B", "FEDORA:6E32B21D9C", "FEDORA:7DC1E21DCD", "FEDORA:8A26621F12", "FEDORA:8A8D421454", "FEDORA:94C1F2152A", "FEDORA:A731321454", "FEDORA:B02B720F77", "FEDORA:E46D820F4D", "FEDORA:F1DF420F5E"]}, {"type": "freebsd", "idList": ["40194E1C-6D89-11EA-8082-80EE73419AF3", "C79EB109-A754-45D7-B552-A42099EB2265"]}, {"type": "gentoo", "idList": ["GLSA-201412-27"]}, {"type": "github", "idList": ["GHSA-254Q-RP36-V2M8", "GHSA-HGG7-CGHQ-XHF4", "GHSA-J65F-MVGW-PRP2", "GHSA-JPHG-QWRW-7W9G", "GHSA-X457-CW4H-HQ5F"]}, {"type": "hackerone", "idList": ["H1:706934"]}, {"type": "ibm", "idList": ["115F3EB0BA2F3298C377EE0418146C99B00821A398DA6FE396702894FCCE2555", "31C0AFB718E47F2565BB2125DFEA05544B924823108F7C7BE892843715FA5571", "7E0744D5936EDC5F018B0850D801B665D388060D6A81B986BC7AD81C9A78C0EE", "9D7005B758961DB83E562429E679C1FF93E8A3CBFDA5A6EEC3C6B52C734D2869", "9F83ED7D961B69342BBB0C4157AF6D1AD1EF3528F0C8EC1218A10D5B884F6B87", "AE0E81DA70D4767A05867F281C7DA6B914221BF78DBCB9F9C7AAC2463D89B60B", "C44E07EA5086C9BEBD0E896839F7E52E6DE1B379F604FBD6F4A29FB1A0D32827", "D0934964E9B56702CBED525517F4EA576FF2F33A8BA6C800C34ECA9B7FE90236", "F5B4855A2BDF3424779D9A7DEEC69330CBD0503AFAA4BF2D919922C8B5B9AAE7"]}, {"type": "mageia", "idList": ["MGASA-2013-0292", "MGASA-2014-0001"]}, {"type": "nessus", "idList": ["AL2_ALAS-2021-1641.NASL", "ALA_ALAS-2013-173.NASL", "ALA_ALAS-2013-195.NASL", "ALA_ALAS-2020-1416.NASL", "ALA_ALAS-2020-1422.NASL", "ALA_ALAS-2020-1423.NASL", "ALA_ALAS-2020-1426.NASL", "CENTOS_RHSA-2013-0611.NASL", "CENTOS_RHSA-2013-0612.NASL", "DEBIAN_DLA-215.NASL", "DEBIAN_DLA-2192.NASL", "DEBIAN_DLA-263.NASL", "DEBIAN_DSA-2738.NASL", "DEBIAN_DSA-2809.NASL", "EULEROS_SA-2018-1374.NASL", "EULEROS_SA-2020-1590.NASL", "EULEROS_SA-2020-1615.NASL", "EULEROS_SA-2020-1686.NASL", "EULEROS_SA-2020-1691.NASL", "EULEROS_SA-2020-1717.NASL", "EULEROS_SA-2020-1955.NASL", "EULEROS_SA-2020-2139.NASL", "FEDORA_2013-12948.NASL", "FEDORA_2013-12960.NASL", "FEDORA_2013-12967.NASL", "FEDORA_2013-14106.NASL", "FEDORA_2013-14159.NASL", "FEDORA_2013-3050.NASL", "FEDORA_2013-3052.NASL", "FREEBSD_PKG_40194E1C6D8911EA808280EE73419AF3.NASL", "FREEBSD_PKG_C79EB109A75445D7B552A42099EB2265.NASL", "GENTOO_GLSA-201412-27.NASL", "MACOSX_SERVER_3_0.NASL", "MANDRIVA_MDVSA-2013-124.NASL", "MANDRIVA_MDVSA-2013-246.NASL", "OPENSUSE-2013-298.NASL", "ORACLELINUX_ELSA-2013-0611.NASL", "ORACLELINUX_ELSA-2013-0612.NASL", "ORACLELINUX_ELSA-2021-2587.NASL", "ORACLELINUX_ELSA-2021-2588.NASL", "ORACLE_WEBLOGIC_SERVER_CPU_APR_2018.NASL", "REDHAT-RHSA-2013-0611.NASL", "REDHAT-RHSA-2013-0612.NASL", "REDHAT-RHSA-2013-0686.NASL", "REDHAT-RHSA-2013-0701.NASL", "REDHAT-RHSA-2013-1437.NASL", "ROCKY_LINUX_RLSA-2020-2462.NASL", "ROCKY_LINUX_RLSA-2021-2587.NASL", "ROCKY_LINUX_RLSA-2021-2588.NASL", "SLACKWARE_SSA_2013-075-01.NASL", "SL_20130307_RUBY_ON_SL5_X.NASL", "SL_20130307_RUBY_ON_SL6_X.NASL", "SUSE_11_RUBY-140415.NASL", "SUSE_RUBY-8524.NASL", "UBUNTU_USN-1733-1.NASL", "UBUNTU_USN-1780-1.NASL", "UBUNTU_USN-4882-1.NASL", "WEBSPHERE_6_1_0_47.NASL", "WEBSPHERE_7_0_0_29.NASL", "WEBSPHERE_8_0_0_7.NASL", "WEBSPHERE_8_5_5.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310120094", "OPENVAS:1361412562310120557", "OPENVAS:1361412562310121313", "OPENVAS:1361412562310123672", "OPENVAS:1361412562310123674", "OPENVAS:1361412562310841320", "OPENVAS:1361412562310841379", "OPENVAS:1361412562310865430", "OPENVAS:1361412562310865436", "OPENVAS:1361412562310866113", "OPENVAS:1361412562310866287", "OPENVAS:1361412562310866453", "OPENVAS:1361412562310866454", "OPENVAS:1361412562310866455", "OPENVAS:1361412562310866477", "OPENVAS:1361412562310866504", "OPENVAS:1361412562310866511", "OPENVAS:1361412562310866758", "OPENVAS:1361412562310870951", "OPENVAS:1361412562310870954", "OPENVAS:1361412562310881652", "OPENVAS:1361412562310881671", "OPENVAS:1361412562310892192", "OPENVAS:1361412562310892738", "OPENVAS:1361412562310892809", "OPENVAS:1361412562311220181374", "OPENVAS:1361412562311220191428", "OPENVAS:1361412562311220201590", "OPENVAS:1361412562311220201615", "OPENVAS:1361412562311220201686", "OPENVAS:1361412562311220201691", "OPENVAS:1361412562311220201717", "OPENVAS:841320", "OPENVAS:841379", "OPENVAS:865430", "OPENVAS:865436", "OPENVAS:866113", "OPENVAS:866287", "OPENVAS:866453", "OPENVAS:866454", "OPENVAS:866455", "OPENVAS:866477", "OPENVAS:866504", "OPENVAS:866511", "OPENVAS:866758", "OPENVAS:870951", "OPENVAS:870954", "OPENVAS:881652", "OPENVAS:881671", "OPENVAS:892738", "OPENVAS:892809"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0611", "ELSA-2013-0612"]}, {"type": "osv", "idList": ["OSV:DLA-215-1", "OSV:DLA-2192-1", "OSV:DLA-263-1", "OSV:DSA-2738-1", "OSV:DSA-2809-1", "OSV:GHSA-254Q-RP36-V2M8", "OSV:GHSA-HGG7-CGHQ-XHF4", "OSV:GHSA-J65F-MVGW-PRP2", "OSV:GHSA-JPHG-QWRW-7W9G", "OSV:GHSA-X457-CW4H-HQ5F"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:122337"]}, {"type": "redhat", "idList": ["RHSA-2013:0611", "RHSA-2013:0612", "RHSA-2013:0686", "RHSA-2013:0701", "RHSA-2013:1028", "RHSA-2013:1862"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-10663"]}, {"type": "rubygems", "idList": ["RUBY:JSON-2013-0269-101137", "RUBY:JSON-2020-10663", "RUBY:RUBY-2013-1821-90587", "RUBY:RUBY-2014-8090-114641", "RUBY:RUBY-2020-10663"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29063", "SECURITYVULNS:DOC:29566", "SECURITYVULNS:DOC:29908", "SECURITYVULNS:VULN:12900", "SECURITYVULNS:VULN:13340"]}, {"type": "seebug", "idList": ["SSV:60893", "SSV:80338"]}, {"type": "slackware", "idList": ["SSA-2013-075-01"]}, {"type": "suse", "idList": ["SUSE-SU-2013:0609-1", "SUSE-SU-2013:0609-2", "SUSE-SU-2013:0612-1", "SUSE-SU-2013:0615-1", "SUSE-SU-2013:0647-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4578050E70C81D137F2430D701799EDA", "THREATPOST:C5198ADDF913B0409BFF92A22065A94F"]}, {"type": "ubuntu", "idList": ["USN-1733-1", "USN-1780-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-0269", "UB:CVE-2013-1768", "UB:CVE-2013-1821", "UB:CVE-2014-8090", "UB:CVE-2020-10663"]}, {"type": "veracode", "idList": ["VERACODE:22758"]}]}, "backreferences": {"references": [{"type": "amazon", "idList": ["ALAS-2020-1422", "ALAS-2020-1426"]}, {"type": "centos", "idList": ["CESA-2013:0611", "CESA-2013:0612"]}, {"type": "cve", "idList": ["CVE-2013-0269", "CVE-2013-1768", "CVE-2013-1821", "CVE-2013-2160"]}, {"type": "debian", "idList": ["DEBIAN:DSA-2809-1:4D0F8"]}, {"type": "exploitdb", "idList": ["EDB-ID:26710"]}, {"type": "f5", "idList": ["SOL15580"]}, {"type": "fedora", "idList": ["FEDORA:8A8D421454"]}, {"type": "freebsd", "idList": ["C79EB109-A754-45D7-B552-A42099EB2265"]}, {"type": "ibm", "idList": ["115F3EB0BA2F3298C377EE0418146C99B00821A398DA6FE396702894FCCE2555", "9D7005B758961DB83E562429E679C1FF93E8A3CBFDA5A6EEC3C6B52C734D2869"]}, {"type": "metasploit", "idList": ["MSF:ILITIES/HUAWEI-EULEROS-2_0_SP3-CVE-2020-10663/"]}, {"type": "nessus", "idList": ["FEDORA_2013-12948.NASL", "FEDORA_2013-12967.NASL", "FEDORA_2013-3050.NASL", "OPENSUSE-2013-298.NASL", "UBUNTU_USN-1780-1.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220181374", "OPENVAS:1361412562311220201590", "OPENVAS:866287", "OPENVAS:881652", "OPENVAS:881671", "OPENVAS:892738"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2018-3678067"]}, {"type": "oraclelinux", "idList": ["ELSA-2013-0611", "ELSA-2013-0612"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:122337"]}, {"type": "redhat", "idList": ["RHSA-2013:0611"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-10663"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:29566"]}, {"type": "seebug", "idList": ["SSV:80338"]}, {"type": "suse", "idList": ["SUSE-SU-2013:0609-1"]}, {"type": "threatpost", "idList": ["THREATPOST:4578050E70C81D137F2430D701799EDA"]}, {"type": "ubuntu", "idList": ["USN-1780-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2013-1821"]}]}, "exploitation": null, "epss": [{"cve": "CVE-2013-0269", "epss": "0.025260000", "percentile": "0.884850000", "modified": "2023-03-15"}, {"cve": "CVE-2013-1768", "epss": "0.042000000", "percentile": "0.908910000", "modified": "2023-03-15"}, {"cve": "CVE-2013-1821", "epss": "0.236270000", "percentile": "0.957960000", "modified": "2023-03-15"}, {"cve": "CVE-2013-2160", "epss": "0.044490000", "percentile": "0.911210000", "modified": "2023-03-15"}], "vulnersScore": 1.3}, "_state": {"dependencies": 1678917980, "score": 1678918398, "epss": 1678938645}, "_internal": {"score_hash": "caebb23a8cf2f284af782f025c1b3091"}, "affectedPackage": [], "vendorCvss": {"severity": "important"}}

{"slackware": [{"lastseen": "2019-05-30T07:37:07", "description": "New ruby packages are available for Slackware 13.1, 13.37, 14.0, and -current\nto fix security issues.\n\n\nHere are the details from the Slackware 14.0 ChangeLog:\n\npatches/packages/ruby-1.9.3_p392-i486-1_slack14.0.txz: Upgraded.\n This release includes security fixes about bundled JSON and REXML.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0269\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-1821\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ruby-1.9.3_p392-i486-1_slack13.1.txz\n\nUpdated package for Slackware x86_64 13.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ruby-1.9.3_p392-x86_64-1_slack13.1.txz\n\nUpdated package for Slackware 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ruby-1.9.3_p392-i486-1_slack13.37.txz\n\nUpdated package for Slackware x86_64 13.37:\nftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ruby-1.9.3_p392-x86_64-1_slack13.37.txz\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ruby-1.9.3_p392-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ruby-1.9.3_p392-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/d/ruby-1.9.3_p392-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/d/ruby-1.9.3_p392-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 13.1 package:\nd8a92d0917f4107ebad92f0acc918f0a ruby-1.9.3_p392-i486-1_slack13.1.txz\n\nSlackware x86_64 13.1 package:\nb0c05ed98dec1b441e3c6b2b1c2ef448 ruby-1.9.3_p392-x86_64-1_slack13.1.txz\n\nSlackware 13.37 package:\n668cbcb1d019be2d17d2e360e14ca71a ruby-1.9.3_p392-i486-1_slack13.37.txz\n\nSlackware x86_64 13.37 package:\n3dd5f32e3a490c99b76849a3849d3d7e ruby-1.9.3_p392-x86_64-1_slack13.37.txz\n\nSlackware 14.0 package:\n2243ed86da5940c91a4b1c6321613229 ruby-1.9.3_p392-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\nbebd503e73b25925759c0911e7e8c805 ruby-1.9.3_p392-x86_64-1_slack14.0.txz\n\nSlackware -current package:\n75ef8411ec70de62ccc9d53343fe67c7 d/ruby-1.9.3_p392-i486-1.txz\n\nSlackware x86_64 -current package:\n282f29edc2de41f8757f00234de97777 d/ruby-1.9.3_p392-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg ruby-1.9.3_p392-i486-1_slack14.0.txz", "cvss3": {}, "published": "2013-03-16T01:11:53", "type": "slackware", "title": "ruby", "bulletinFamily": "unix", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2013-1821"], "modified": "2013-03-16T01:11:53", "id": "SSA-2013-075-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-01-18T14:34:34", "description": "Ruby 1.8 was updated to fix a XML entity expansion denial of service attack (CVE-2013-1821)\n\nRuby 1.9 was updated to 1.9.3 p392, fixing the same security issues and also :\n\n - update json intree to 1.5.5: Denial of Service and Unsafe Object Creation Vulnerability in JSON CVE-2013-0269\n\n - limit entity expansion text limit to 10kB CVE-2013-1821\n\n - get rid of a SEGV when calling rb_iter_break() from some extention libraries.\n\n - some warning suppressed and smaller fixes", "cvss3": {}, "published": "2014-06-13T00:00:00", "type": "nessus", "title": "openSUSE Security Update : ruby (openSUSE-SU-2013:0603-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2013-1821"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ruby", "p-cpe:/a:novell:opensuse:ruby-common", "p-cpe:/a:novell:opensuse:ruby-debuginfo", "p-cpe:/a:novell:opensuse:ruby-debugsource", "p-cpe:/a:novell:opensuse:ruby-devel", "p-cpe:/a:novell:opensuse:ruby-doc-html", "p-cpe:/a:novell:opensuse:ruby-doc-ri", "p-cpe:/a:novell:opensuse:ruby-examples", "p-cpe:/a:novell:opensuse:ruby-test-suite", "p-cpe:/a:novell:opensuse:ruby-tk", "p-cpe:/a:novell:opensuse:ruby-tk-debuginfo", "p-cpe:/a:novell:opensuse:ruby19", "p-cpe:/a:novell:opensuse:ruby19-debuginfo", "p-cpe:/a:novell:opensuse:ruby19-debugsource", "p-cpe:/a:novell:opensuse:ruby19-devel", "p-cpe:/a:novell:opensuse:ruby19-devel-extra", "p-cpe:/a:novell:opensuse:ruby19-doc-ri", "p-cpe:/a:novell:opensuse:ruby19-tk", "p-cpe:/a:novell:opensuse:ruby19-tk-debuginfo", "cpe:/o:novell:opensuse:12.1", "cpe:/o:novell:opensuse:12.2", "cpe:/o:novell:opensuse:12.3"], "id": "OPENSUSE-2013-298.NASL", "href": "https://www.tenable.com/plugins/nessus/74955", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2013-298.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74955);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2013-1821\");\n\n script_name(english:\"openSUSE Security Update : ruby (openSUSE-SU-2013:0603-1)\");\n script_summary(english:\"Check for the openSUSE-2013-298 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ruby 1.8 was updated to fix a XML entity expansion denial of service\nattack (CVE-2013-1821)\n\nRuby 1.9 was updated to 1.9.3 p392, fixing the same security issues\nand also :\n\n - update json intree to 1.5.5: Denial of Service and\n Unsafe Object Creation Vulnerability in JSON\n CVE-2013-0269\n\n - limit entity expansion text limit to 10kB CVE-2013-1821\n\n - get rid of a SEGV when calling rb_iter_break() from some\n extention libraries.\n\n - some warning suppressed and smaller fixes\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=803342\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.opensuse.org/opensuse-updates/2013-04/msg00034.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-test-suite\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-devel-extra\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-doc-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ruby19-tk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:12.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE12\\.1|SUSE12\\.2|SUSE12\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"12.1 / 12.2 / 12.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-debuginfo-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-debugsource-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-devel-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-doc-html-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-doc-ri-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-examples-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-test-suite-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-tk-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.1\", reference:\"ruby-tk-debuginfo-1.8.7.p357-2.10.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby-1.9.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby-common-1.9.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby-devel-1.9.3-2.4.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-debuginfo-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-debugsource-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-devel-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-devel-extra-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-doc-ri-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-tk-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.2\", reference:\"ruby19-tk-debuginfo-1.9.3.p392-3.22.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby-1.9.3-15.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby-devel-1.9.3-15.2.1\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-debuginfo-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-debugsource-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-devel-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-devel-extra-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-doc-ri-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-tk-1.9.3.p392-1.5.2\") ) flag++;\nif ( rpm_check(release:\"SUSE12.3\", reference:\"ruby19-tk-debuginfo-1.9.3.p392-1.5.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:43:57", "description": "New ruby packages are available for Slackware 13.1, 13.37, 14.0, and\n-current to fix security issues.", "cvss3": {}, "published": "2013-03-17T00:00:00", "type": "nessus", "title": "Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:slackware:slackware_linux:ruby", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:13.1", "cpe:/o:slackware:slackware_linux:13.37", "cpe:/o:slackware:slackware_linux:14.0"], "id": "SLACKWARE_SSA_2013-075-01.NASL", "href": "https://www.tenable.com/plugins/nessus/65583", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2013-075-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65583);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2013-1821\");\n script_bugtraq_id(57899, 58141);\n script_xref(name:\"SSA\", value:\"2013-075-01\");\n\n script_name(english:\"Slackware 13.1 / 13.37 / 14.0 / current : ruby (SSA:2013-075-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New ruby packages are available for Slackware 13.1, 13.37, 14.0, and\n-current to fix security issues.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2013&m=slackware-security.426862\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?091d35a6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:13.37\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:14.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"13.1\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1_slack13.1\")) flag++;\nif (slackware_check(osver:\"13.1\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.1\")) flag++;\n\nif (slackware_check(osver:\"13.37\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1_slack13.37\")) flag++;\nif (slackware_check(osver:\"13.37\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1_slack13.37\")) flag++;\n\nif (slackware_check(osver:\"14.0\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1_slack14.0\")) flag++;\nif (slackware_check(osver:\"14.0\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1_slack14.0\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\nif (slackware_check(osver:\"current\", arch:\"x86_64\", pkgname:\"ruby\", pkgver:\"1.9.3_p392\", pkgarch:\"x86_64\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:slackware_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:45:00", "description": "Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve this issue.", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "nessus", "title": "RHEL 5 : ruby (RHSA-2013:0611)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby-mode", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.9"], "id": "REDHAT-RHSA-2013-0611.NASL", "href": "https://www.tenable.com/plugins/nessus/65084", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0611. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65084);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1821\");\n script_bugtraq_id(58141);\n script_xref(name:\"RHSA\", value:\"2013:0611\");\n\n script_name(english:\"RHEL 5 : ruby (RHSA-2013:0611)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0611\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1821\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0611\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-debuginfo-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-devel-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-docs-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-docs-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-irb-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-irb-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"ruby-libs-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-mode-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-mode-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-mode-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-rdoc-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-ri-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-ri-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"ruby-tcltk-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.5-29.el5_9\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.5-29.el5_9\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:04", "description": "Updated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve this issue.", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "nessus", "title": "CentOS 5 : ruby (CESA-2013:0611)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:ruby-docs", "p-cpe:/a:centos:centos:ruby-irb", "p-cpe:/a:centos:centos:ruby-libs", "p-cpe:/a:centos:centos:ruby-mode", "p-cpe:/a:centos:centos:ruby-rdoc", "p-cpe:/a:centos:centos:ruby-ri", "p-cpe:/a:centos:centos:ruby-tcltk", "cpe:/o:centos:centos:5"], "id": "CENTOS_RHSA-2013-0611.NASL", "href": "https://www.tenable.com/plugins/nessus/65080", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0611 and \n# CentOS Errata and Security Advisory 2013:0611 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65080);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2013-1821\");\n script_bugtraq_id(58141);\n script_xref(name:\"RHSA\", value:\"2013:0611\");\n\n script_name(english:\"CentOS 5 : ruby (CESA-2013:0611)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019269.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4fb60a74\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019271.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6df1f9ec\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1821\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 5.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-devel-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-docs-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-irb-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-libs-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-mode-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-rdoc-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-ri-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"ruby-tcltk-1.8.5-29.el5_9\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-mode / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:59:15", "description": "lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby19 (ALAS-2013-195)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby19", "p-cpe:/a:amazon:linux:ruby19-debuginfo", "p-cpe:/a:amazon:linux:ruby19-devel", "p-cpe:/a:amazon:linux:ruby19-doc", "p-cpe:/a:amazon:linux:ruby19-irb", "p-cpe:/a:amazon:linux:ruby19-libs", "p-cpe:/a:amazon:linux:rubygem19-bigdecimal", "p-cpe:/a:amazon:linux:rubygem19-io-console", "p-cpe:/a:amazon:linux:rubygem19-json", "p-cpe:/a:amazon:linux:rubygem19-minitest", "p-cpe:/a:amazon:linux:rubygem19-rake", "p-cpe:/a:amazon:linux:rubygem19-rdoc", "p-cpe:/a:amazon:linux:rubygems19", "p-cpe:/a:amazon:linux:rubygems19-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-195.NASL", "href": "https://www.tenable.com/plugins/nessus/69753", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-195.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69753);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2013-1821\");\n script_xref(name:\"ALAS\", value:\"2013-195\");\n\n script_name(english:\"Amazon Linux AMI : ruby19 (ALAS-2013-195)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows\nremote attackers to cause a denial of service (memory consumption and\ncrash) via crafted text nodes in an XML document, aka an XML Entity\nExpansion (XEE) attack.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-195.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ruby19' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ruby19-1.9.3.392-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby19-debuginfo-1.9.3.392-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby19-devel-1.9.3.392-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby19-doc-1.9.3.392-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby19-irb-1.9.3.392-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby19-libs-1.9.3.392-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem19-bigdecimal-1.1.0-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem19-io-console-0.3-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem19-json-1.5.5-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem19-minitest-2.5.1-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem19-rake-0.9.2.2-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem19-rdoc-3.9.5-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems19-1.8.23-29.38.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems19-devel-1.8.23-29.38.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby19 / ruby19-debuginfo / ruby19-devel / ruby19-doc / ruby19-irb / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:28", "description": "Ben Murphy discovered that the Ruby REXML library incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of memory, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-26T00:00:00", "type": "nessus", "title": "Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : ruby1.8, ruby1.9.1 vulnerability (USN-1780-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libruby1.8", "p-cpe:/a:canonical:ubuntu_linux:libruby1.9.1", "p-cpe:/a:canonical:ubuntu_linux:ruby1.8", "p-cpe:/a:canonical:ubuntu_linux:ruby1.9.1", "cpe:/o:canonical:ubuntu_linux:10.04:-:lts", "cpe:/o:canonical:ubuntu_linux:11.10", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-1780-1.NASL", "href": "https://www.tenable.com/plugins/nessus/65686", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1780-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(65686);\n script_version(\"1.9\");\n script_cvs_date(\"Date: 2019/09/19 12:54:29\");\n\n script_cve_id(\"CVE-2013-1821\");\n script_bugtraq_id(58141);\n script_xref(name:\"USN\", value:\"1780-1\");\n\n script_name(english:\"Ubuntu 10.04 LTS / 11.10 / 12.04 LTS / 12.10 : ruby1.8, ruby1.9.1 vulnerability (USN-1780-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Ben Murphy discovered that the Ruby REXML library incorrectly handled\nXML entity expansion. An attacker could use this flaw to cause Ruby to\nconsume large amounts of memory, resulting in a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1780-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:10.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:11.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(10\\.04|11\\.10|12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 10.04 / 11.10 / 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"10.04\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.249-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"10.04\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.249-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.352-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"11.10\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.352-2ubuntu0.3\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.352-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libruby1.9.1\", pkgver:\"1.9.3.0-1ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.352-2ubuntu1.2\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"ruby1.9.1\", pkgver:\"1.9.3.0-1ubuntu2.6\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libruby1.8\", pkgver:\"1.8.7.358-4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libruby1.9.1\", pkgver:\"1.9.3.194-1ubuntu1.4\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"ruby1.8\", pkgver:\"1.8.7.358-4ubuntu0.2\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"ruby1.9.1\", pkgver:\"1.9.3.194-1ubuntu1.4\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libruby1.8 / libruby1.9.1 / ruby1.8 / ruby1.9.1\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:42", "description": "It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL5.x i386/x86_64 (20130307)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ruby", "p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ruby-devel", "p-cpe:/a:fermilab:scientific_linux:ruby-docs", "p-cpe:/a:fermilab:scientific_linux:ruby-irb", "p-cpe:/a:fermilab:scientific_linux:ruby-libs", "p-cpe:/a:fermilab:scientific_linux:ruby-mode", "p-cpe:/a:fermilab:scientific_linux:ruby-rdoc", "p-cpe:/a:fermilab:scientific_linux:ruby-ri", "p-cpe:/a:fermilab:scientific_linux:ruby-tcltk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130307_RUBY_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65093", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65093);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1821\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL5.x i386/x86_64 (20130307)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=2844\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?36a0cc7c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 5.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"ruby-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-debuginfo-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-devel-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-docs-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-irb-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-libs-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-mode-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-rdoc-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-ri-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"ruby-tcltk-1.8.5-29.el5_9\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:51:08", "description": "From Red Hat Security Advisory 2013:0611 :\n\nUpdated ruby packages that fix one security issue are now available for Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve this issue.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 5 : ruby (ELSA-2013-0611)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-devel", "p-cpe:/a:oracle:linux:ruby-docs", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-mode", "p-cpe:/a:oracle:linux:ruby-rdoc", "p-cpe:/a:oracle:linux:ruby-ri", "p-cpe:/a:oracle:linux:ruby-tcltk", "cpe:/o:oracle:linux:5"], "id": "ORACLELINUX_ELSA-2013-0611.NASL", "href": "https://www.tenable.com/plugins/nessus/68781", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0611 and \n# Oracle Linux Security Advisory ELSA-2013-0611 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68781);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-1821\");\n script_bugtraq_id(58141);\n script_xref(name:\"RHSA\", value:\"2013:0611\");\n\n script_name(english:\"Oracle Linux 5 : ruby (ELSA-2013-0611)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0611 :\n\nUpdated ruby packages that fix one security issue are now available\nfor Red Hat Enterprise Linux 5.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. A Common Vulnerability Scoring System (CVSS)\nbase score, which gives a detailed severity rating, is available from\nthe CVE link in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-March/003342.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-mode\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL5\", reference:\"ruby-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-devel-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-docs-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-irb-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-libs-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-mode-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-rdoc-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-ri-1.8.5-29.el5_9\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"ruby-tcltk-1.8.5-29.el5_9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-mode / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-18T14:30:58", "description": "This Ruby update fixes the following security issue :\n\n - Fixed entity expansion DoS vulnerability in REXML.\n (CVE-2013-1821). (bnc#808137)", "cvss3": {}, "published": "2014-05-21T00:00:00", "type": "nessus", "title": "SuSE 11.3 Security Update : Ruby (SAT Patch Number 9136)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2021-01-19T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:11:ruby", "p-cpe:/a:novell:suse_linux:11:ruby-doc-html", "p-cpe:/a:novell:suse_linux:11:ruby-tk", "cpe:/o:novell:suse_linux:11"], "id": "SUSE_11_RUBY-140415.NASL", "href": "https://www.tenable.com/plugins/nessus/74118", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from SuSE 11 update information. The text itself is\n# copyright (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(74118);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2013-1821\");\n\n script_name(english:\"SuSE 11.3 Security Update : Ruby (SAT Patch Number 9136)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 11 host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This Ruby update fixes the following security issue :\n\n - Fixed entity expansion DoS vulnerability in REXML.\n (CVE-2013-1821). (bnc#808137)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=808137\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1821.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply SAT patch number 9136.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-doc-html\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:11:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/04/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/05/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)11\") audit(AUDIT_OS_NOT, \"SuSE 11\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SuSE 11\", cpu);\n\npl = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(pl) || int(pl) != 3) audit(AUDIT_OS_NOT, \"SuSE 11.3\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"i586\", reference:\"ruby-1.8.7.p357-0.9.15.1\")) flag++;\nif (rpm_check(release:\"SLED11\", sp:3, cpu:\"x86_64\", reference:\"ruby-1.8.7.p357-0.9.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"ruby-1.8.7.p357-0.9.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"ruby-doc-html-1.8.7.p357-0.9.15.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:3, reference:\"ruby-tk-1.8.7.p357-0.9.15.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:57:13", "description": "Upgrade of CXF to 2.6.9, fixes CVE-2013-2160.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "nessus", "title": "Fedora 18 : cxf-2.6.9-1.fc18 / jacorb-2.3.1-8.fc18 / wss4j-1.6.10-1.fc18 (2013-14159)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2160"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cxf", "p-cpe:/a:fedoraproject:fedora:jacorb", "p-cpe:/a:fedoraproject:fedora:wss4j", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-14159.NASL", "href": "https://www.tenable.com/plugins/nessus/69300", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-14159.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69300);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2160\");\n script_xref(name:\"FEDORA\", value:\"2013-14159\");\n\n script_name(english:\"Fedora 18 : cxf-2.6.9-1.fc18 / jacorb-2.3.1-8.fc18 / wss4j-1.6.10-1.fc18 (2013-14159)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade of CXF to 2.6.9, fixes CVE-2013-2160.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=929197\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113756.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?86049458\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113757.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?52eedd39\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113758.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b4b6a104\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cxf, jacorb and / or wss4j packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wss4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"cxf-2.6.9-1.fc18\")) flag++;\nif (rpm_check(release:\"FC18\", reference:\"jacorb-2.3.1-8.fc18\")) flag++;\nif (rpm_check(release:\"FC18\", reference:\"wss4j-1.6.10-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cxf / jacorb / wss4j\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:57:42", "description": "Upgrade of CXF to 2.6.9, fixes CVE-2013-2160.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "nessus", "title": "Fedora 19 : cxf-2.6.9-1.fc19 / jacorb-2.3.1-8.fc19 / wss4j-1.6.10-1.fc19 (2013-14106)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-2160"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:cxf", "p-cpe:/a:fedoraproject:fedora:jacorb", "p-cpe:/a:fedoraproject:fedora:wss4j", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-14106.NASL", "href": "https://www.tenable.com/plugins/nessus/69298", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-14106.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69298);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-2160\");\n script_xref(name:\"FEDORA\", value:\"2013-14106\");\n\n script_name(english:\"Fedora 19 : cxf-2.6.9-1.fc19 / jacorb-2.3.1-8.fc19 / wss4j-1.6.10-1.fc19 (2013-14106)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Upgrade of CXF to 2.6.9, fixes CVE-2013-2160.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=929197\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113791.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3cf87d55\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113792.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?e74effcb\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113793.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8c11c1ce\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected cxf, jacorb and / or wss4j packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:cxf\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:jacorb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:wss4j\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/12\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"cxf-2.6.9-1.fc19\")) flag++;\nif (rpm_check(release:\"FC19\", reference:\"jacorb-2.3.1-8.fc19\")) flag++;\nif (rpm_check(release:\"FC19\", reference:\"wss4j-1.6.10-1.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"cxf / jacorb / wss4j\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-03-03T14:17:21", "description": "fix for CVE-2013-1768 rhbz#984034,984040\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-07-22T00:00:00", "type": "nessus", "title": "Fedora 18 : openjpa-2.2.0-3.fc18 (2013-12960)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openjpa", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-12960.NASL", "href": "https://www.tenable.com/plugins/nessus/68988", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-12960.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68988);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1768\");\n script_bugtraq_id(60534);\n script_xref(name:\"FEDORA\", value:\"2013-12960\");\n\n script_name(english:\"Fedora 18 : openjpa-2.2.0-3.fc18 (2013-12960)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fix for CVE-2013-1768 rhbz#984034,984040\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984034\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112055.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?477acf33\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openjpa package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openjpa\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"openjpa-2.2.0-3.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjpa\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-02T14:20:59", "description": "fix for CVE-2013-1768 rhbz#984034,984040.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-07-22T00:00:00", "type": "nessus", "title": "Fedora 17 : openjpa-2.2.0-3.fc17 (2013-12967)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openjpa", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-12967.NASL", "href": "https://www.tenable.com/plugins/nessus/68989", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-12967.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68989);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1768\");\n script_bugtraq_id(60534);\n script_xref(name:\"FEDORA\", value:\"2013-12967\");\n\n script_name(english:\"Fedora 17 : openjpa-2.2.0-3.fc17 (2013-12967)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fix for CVE-2013-1768 rhbz#984034,984040.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984034\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112024.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?3b9ea334\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openjpa package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openjpa\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"openjpa-2.2.0-3.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjpa\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-03T14:19:09", "description": "Updated openjpa packages fix security vulnerability :\n\nThe BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by creating a serialized object and leveraging improperly secured server programs (CVE-2013-1768).", "cvss3": {}, "published": "2013-10-08T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : openjpa (MDVSA-2013:246)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:openjpa", "p-cpe:/a:mandriva:linux:openjpa-javadoc", "p-cpe:/a:mandriva:linux:openjpa-tools", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-246.NASL", "href": "https://www.tenable.com/plugins/nessus/70325", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:246. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(70325);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-1768\");\n script_bugtraq_id(60534);\n script_xref(name:\"MDVSA\", value:\"2013:246\");\n\n script_name(english:\"Mandriva Linux Security Advisory : openjpa (MDVSA-2013:246)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated openjpa packages fix security vulnerability :\n\nThe BrokerFactory functionality in Apache OpenJPA before 2.2.2 creates\nlocal executable JSP files containing logging trace data produced\nduring deserialization of certain crafted OpenJPA objects, which makes\nit easier for remote attackers to execute arbitrary code by creating a\nserialized object and leveraging improperly secured server programs\n(CVE-2013-1768).\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://advisories.mageia.org/MGASA-2013-0292.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Update the affected openjpa, openjpa-javadoc and / or openjpa-tools\npackages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openjpa\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openjpa-javadoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:openjpa-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/10/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/10/08\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"openjpa-2.2.0-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"openjpa-javadoc-2.2.0-3.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"openjpa-tools-2.2.0-3.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-03-02T14:20:01", "description": "fix for CVE-2013-1768 rhbz#984034,984040. fix ant.d script.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-07-22T00:00:00", "type": "nessus", "title": "Fedora 19 : openjpa-2.2.1-6.fc19 (2013-12948)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:openjpa", "cpe:/o:fedoraproject:fedora:19"], "id": "FEDORA_2013-12948.NASL", "href": "https://www.tenable.com/plugins/nessus/68987", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-12948.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68987);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1768\");\n script_bugtraq_id(60534);\n script_xref(name:\"FEDORA\", value:\"2013-12948\");\n\n script_name(english:\"Fedora 19 : openjpa-2.2.1-6.fc19 (2013-12948)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"fix for CVE-2013-1768 rhbz#984034,984040. fix ant.d script.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=984034\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112029.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0e92b248\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected openjpa package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:openjpa\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:19\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/07/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/22\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^19([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 19.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC19\", reference:\"openjpa-2.2.1-6.fc19\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"openjpa\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:43:45", "description": "A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-06T00:00:00", "type": "nessus", "title": "Fedora 17 : rubygem-json-1.6.8-1.fc17 (2013-3050)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-json", "cpe:/o:fedoraproject:fedora:17"], "id": "FEDORA_2013-3050.NASL", "href": "https://www.tenable.com/plugins/nessus/65039", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3050.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65039);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0269\");\n script_bugtraq_id(57899);\n script_xref(name:\"FEDORA\", value:\"2013-3050\");\n\n script_name(english:\"Fedora 17 : rubygem-json-1.6.8-1.fc17 (2013-3050)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was discovered on the previous json that there is a\ndenial of service and unsafe object creation vulnerability. This\nvulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=910313\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099698.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?95fe7766\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-json package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:17\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^17([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 17.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC17\", reference:\"rubygem-json-1.6.8-1.fc17\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-json\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:54:00", "description": "The JSON gem for Ruby allowed remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka 'Unsafe Object Creation Vulnerability.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in libjson-ruby version 1.1.9-1+deb6u1.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-05-01T00:00:00", "type": "nessus", "title": "Debian DLA-215-1 : libjson-ruby security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:edit-json", "p-cpe:/a:debian:debian_linux:libjson-ruby", "p-cpe:/a:debian:debian_linux:libjson-ruby-doc", "p-cpe:/a:debian:debian_linux:libjson-ruby1.8", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-215.NASL", "href": "https://www.tenable.com/plugins/nessus/83167", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-215-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(83167);\n script_version(\"2.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0269\");\n script_bugtraq_id(57899);\n\n script_name(english:\"Debian DLA-215-1 : libjson-ruby security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The JSON gem for Ruby allowed remote attackers to cause a denial of\nservice (resource consumption) or bypass the mass assignment\nprotection mechanism via a crafted JSON document that triggers the\ncreation of arbitrary Ruby symbols or certain internal objects, as\ndemonstrated by conducting a SQL injection attack against Ruby on\nRails, aka 'Unsafe Object Creation Vulnerability.'\n\nFor Debian 6 'Squeeze', this issue has been fixed in\nlibjson-ruby version 1.1.9-1+deb6u1.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/04/msg00029.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/libjson-ruby\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:edit-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjson-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjson-ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libjson-ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/05/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"edit-json\", reference:\"1.1.9-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libjson-ruby\", reference:\"1.1.9-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libjson-ruby-doc\", reference:\"1.1.9-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libjson-ruby1.8\", reference:\"1.1.9-1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:41:56", "description": "Aaron Patterson reports :\n\nWhen parsing certain JSON documents, the JSON gem can be coerced in to creating Ruby symbols in a target system. Since Ruby symbols are not garbage collected, this can result in a denial of service attack.\n\nThe same technique can be used to create objects in a target system that act like internal objects. These 'act alike' objects can be used to bypass certain security mechanisms and can be used as a spring board for SQL injection attacks in Ruby on Rails.", "cvss3": {}, "published": "2013-02-18T00:00:00", "type": "nessus", "title": "FreeBSD : Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON (c79eb109-a754-45d7-b552-a42099eb2265)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:ruby", "p-cpe:/a:freebsd:freebsd:rubygem18-json", "p-cpe:/a:freebsd:freebsd:rubygem18-json_pure", "p-cpe:/a:freebsd:freebsd:rubygem19-json", "p-cpe:/a:freebsd:freebsd:rubygem19-json_pure", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_C79EB109A75445D7B552A42099EB2265.NASL", "href": "https://www.tenable.com/plugins/nessus/64652", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(64652);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2013-0269\");\n\n script_name(english:\"FreeBSD : Ruby -- Denial of Service and Unsafe Object Creation Vulnerability in JSON (c79eb109-a754-45d7-b552-a42099eb2265)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Aaron Patterson reports :\n\nWhen parsing certain JSON documents, the JSON gem can be coerced in to\ncreating Ruby symbols in a target system. Since Ruby symbols are not\ngarbage collected, this can result in a denial of service attack.\n\nThe same technique can be used to create objects in a target system\nthat act like internal objects. These 'act alike' objects can be used\nto bypass certain security mechanisms and can be used as a spring\nboard for SQL injection attacks in Ruby on Rails.\"\n );\n # https://vuxml.freebsd.org/freebsd/c79eb109-a754-45d7-b552-a42099eb2265.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6ddb8e17\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem18-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem18-json_pure\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem19-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem19-json_pure\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/18\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"ruby>=1.9,1<1.9.3.385,1\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem18-json<1.7.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem19-json<1.7.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem18-json_pure<1.7.7\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"rubygem19-json_pure<1.7.7\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:44:44", "description": "A security flaw was discovered on the previous json that there is a denial of service and unsafe object creation vulnerability. This vulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-03-06T00:00:00", "type": "nessus", "title": "Fedora 18 : rubygem-json-1.6.8-1.fc18 (2013-3052)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:rubygem-json", "cpe:/o:fedoraproject:fedora:18"], "id": "FEDORA_2013-3052.NASL", "href": "https://www.tenable.com/plugins/nessus/65040", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2013-3052.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65040);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-0269\");\n script_bugtraq_id(57899);\n script_xref(name:\"FEDORA\", value:\"2013-3052\");\n\n script_name(english:\"Fedora 18 : rubygem-json-1.6.8-1.fc18 (2013-3052)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A security flaw was discovered on the previous json that there is a\ndenial of service and unsafe object creation vulnerability. This\nvulnerability has been assigned the CVE identifier CVE-2013-0269.\n\nThis new rpm will fix this issue.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=910313\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2013-March/099688.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?abe1d1ea\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected rubygem-json package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:18\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^18([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 18.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC18\", reference:\"rubygem-json-1.6.8-1.fc18\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-json\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:57:31", "description": "Several vulnerabilities have been discovered in the interpreter for the Ruby language, which may lead to denial of service and other security problems. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory.\n\n - CVE-2013-4073 William (B.J.) Snow Orvis discovered a vulnerability in the hostname checking in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via valid certificate issued by a trusted certification authority.", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "nessus", "title": "Debian DSA-2738-1 : ruby1.9.1 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821", "CVE-2013-4073"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ruby1.9.1", "cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2738.NASL", "href": "https://www.tenable.com/plugins/nessus/69398", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2738. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(69398);\n script_version(\"1.12\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1821\", \"CVE-2013-4073\");\n script_bugtraq_id(58141, 60843);\n script_xref(name:\"DSA\", value:\"2738\");\n\n script_name(english:\"Debian DSA-2738-1 : ruby1.9.1 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2013-1821\n Ben Murphy discovered that unrestricted entity expansion\n in REXML can lead to a Denial of Service by consuming\n all host memory.\n\n - CVE-2013-4073\n William (B.J.) Snow Orvis discovered a vulnerability in\n the hostname checking in Ruby's SSL client that could\n allow man-in-the-middle attackers to spoof SSL servers\n via valid certificate issued by a trusted certification\n authority.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714543\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/ruby1.9.1\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2738\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ruby1.9.1 packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 1.9.2.0-2+deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 1.9.3.194-8.1+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/08/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/08/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1\", reference:\"1.9.2.0-2+deb6u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libruby1.9.1\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libruby1.9.1-dbg\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtcltk-ruby1.9.1\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ri1.9.1\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.9.1\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.9.1-dev\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.9.1-examples\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.9.1-full\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.9.3\", reference:\"1.9.3.194-8.1+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:53:56", "description": "Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix two security issues are now available for Red Hat OpenShift Enterprise 1.1.3.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nA flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks by creating different types of malicious objects. For example, it could initiate a denial of service attack through resource consumption by using a JSON document to create arbitrary Ruby symbols, which were never garbage collected. It could also be exploited to create internal objects which could allow a SQL injection attack. (CVE-2013-0269)\n\nIt was found that documentation created by rubygem-rdoc and ruby193-rubygem-rdoc was vulnerable to a cross-site scripting (XSS) attack. If such documentation was accessible over a network, and a remote attacker could trick a user into visiting a specially crafted URL, it would lead to arbitrary web script execution in the context of the user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used for creating documentation for Ruby source files (such as classes, modules, and so on), it is not a common scenario to make such documentation accessible over the network. (CVE-2013-0256)\n\nRed Hat would like to thank Ruby on Rails upstream for reporting CVE-2013-0269, and Eric Hodel of RDoc upstream for reporting CVE-2013-0256. Upstream acknowledges Thomas Hollstegge of Zweitag and Ben Murphy as the original reporters of CVE-2013-0269, and Evgeny Ermakov as the original reporter of CVE-2013-0256.\n\nUsers of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to these updated packages, which correct these issues.", "cvss3": {}, "published": "2018-12-06T00:00:00", "type": "nessus", "title": "RHEL 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0256", "CVE-2013-0269"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby193-ruby", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-doc", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-tcltk", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bigdecimal", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-io-console", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rake", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems", "p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems-devel", "p-cpe:/a:redhat:enterprise_linux:rubygem-json", "p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo", "p-cpe:/a:redhat:enterprise_linux:rubygem-json-doc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc", "p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-doc", "cpe:/o:redhat:enterprise_linux:6"], "id": "REDHAT-RHSA-2013-0701.NASL", "href": "https://www.tenable.com/plugins/nessus/119437", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0701. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119437);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2013-0256\", \"CVE-2013-0269\");\n script_bugtraq_id(57785, 57899);\n script_xref(name:\"RHSA\", value:\"2013:0701\");\n\n script_name(english:\"RHEL 6 : ruby193-ruby, rubygem-json and rubygem-rdoc (RHSA-2013:0701)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Updated ruby193-ruby, rubygem-json and rubygem-rdoc packages that fix\ntwo security issues are now available for Red Hat OpenShift Enterprise\n1.1.3.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nA flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks\nby creating different types of malicious objects. For example, it\ncould initiate a denial of service attack through resource consumption\nby using a JSON document to create arbitrary Ruby symbols, which were\nnever garbage collected. It could also be exploited to create internal\nobjects which could allow a SQL injection attack. (CVE-2013-0269)\n\nIt was found that documentation created by rubygem-rdoc and\nruby193-rubygem-rdoc was vulnerable to a cross-site scripting (XSS)\nattack. If such documentation was accessible over a network, and a\nremote attacker could trick a user into visiting a specially crafted\nURL, it would lead to arbitrary web script execution in the context of\nthe user's session. As rubygem-rdoc and ruby193-rubygem-rdoc are used\nfor creating documentation for Ruby source files (such as classes,\nmodules, and so on), it is not a common scenario to make such\ndocumentation accessible over the network. (CVE-2013-0256)\n\nRed Hat would like to thank Ruby on Rails upstream for reporting\nCVE-2013-0269, and Eric Hodel of RDoc upstream for reporting\nCVE-2013-0256. Upstream acknowledges Thomas Hollstegge of Zweitag and\nBen Murphy as the original reporters of CVE-2013-0269, and Evgeny\nErmakov as the original reporter of CVE-2013-0256.\n\nUsers of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to\nthese updated packages, which correct these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0701\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0256\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-0269\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby193-rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:rubygem-rdoc-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/06\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0701\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-debuginfo-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-devel-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-doc-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-ruby-irb-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-libs-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-ruby-tcltk-1.9.3.327-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-bigdecimal-1.1.0-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-io-console-0.3-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-json-1.5.4-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-minitest-2.5.1-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygem-rake-0.9.2.2-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby193-rubygem-rdoc-3.9.4-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygems-1.8.23-28.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"ruby193-rubygems-devel-1.8.23-28.el6\")) flag++;\n if (rpm_exists(rpm:\"rubygem-json-1.7\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-json-1.7.3-2.el6\")) flag++;\n if (rpm_exists(rpm:\"rubygem-json-debuginfo-1.7\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"rubygem-json-debuginfo-1.7.3-2.el6\")) flag++;\n if (rpm_exists(rpm:\"rubygem-json-doc-1.7\", release:\"RHEL6\") && rpm_check(release:\"RHEL6\", reference:\"rubygem-json-doc-1.7.3-2.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-rdoc-3.8-9.el6\")) flag++;\n if (rpm_check(release:\"RHEL6\", reference:\"rubygem-rdoc-doc-3.8-9.el6\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby193-ruby / ruby193-ruby-debuginfo / ruby193-ruby-devel / etc\");\n }\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:35:04", "description": "According to the version of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-17T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP2 : ruby (EulerOS-SA-2020-1686)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1686.NASL", "href": "https://www.tenable.com/plugins/nessus/137528", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137528);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : ruby (EulerOS-SA-2020-1686)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerability :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1686\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?48c54776\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h17\",\n \"ruby-irb-2.0.0.648-33.h17\",\n \"ruby-libs-2.0.0.648-33.h17\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:30:35", "description": "When parsing certain JSON documents, the json gem (including the one bundled with Ruby) can be coerced into creating arbitrary objects in the target system.\n\nThis is the same issue as CVE-2013-0269. The previous fix was incomplete, which addressed JSON.parse(user_input), but didn't address some other styles of JSON parsing including JSON(user_input) and JSON.parse(user_input, nil).\n\nSee CVE-2013-0269 in detail. Note that the issue was exploitable to cause a Denial of Service by creating many garbage-uncollectable Symbol objects, but this kind of attack is no longer valid because Symbol objects are now garbage-collectable. However, creating arbitrary bjects may cause severe security consequences depending upon the application code.\n\nPlease update the json gem to version 2.3.0 or later. You can use gem update json to update it. If you are using bundler, please add gem 'json', '>= 2.3.0' to your Gemfile.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-03-26T00:00:00", "type": "nessus", "title": "FreeBSD : rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) (40194e1c-6d89-11ea-8082-80ee73419af3)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-05-13T00:00:00", "cpe": ["p-cpe:/a:freebsd:freebsd:rubygem-json", "cpe:/o:freebsd:freebsd"], "id": "FREEBSD_PKG_40194E1C6D8911EA808280EE73419AF3.NASL", "href": "https://www.tenable.com/plugins/nessus/134921", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(134921);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/13\");\n\n script_cve_id(\"CVE-2020-10663\");\n\n script_name(english:\"FreeBSD : rubygem-json -- Unsafe Objection Creation Vulnerability in JSON (Additional fix) (40194e1c-6d89-11ea-8082-80ee73419af3)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"When parsing certain JSON documents, the json gem (including the one\nbundled with Ruby) can be coerced into creating arbitrary objects in\nthe target system.\n\nThis is the same issue as CVE-2013-0269. The previous fix was\nincomplete, which addressed JSON.parse(user_input), but didn't\naddress some other styles of JSON parsing including JSON(user_input)\nand JSON.parse(user_input, nil).\n\nSee CVE-2013-0269 in detail. Note that the issue was exploitable to\ncause a Denial of Service by creating many garbage-uncollectable\nSymbol objects, but this kind of attack is no longer valid because\nSymbol objects are now garbage-collectable. However, creating\narbitrary bjects may cause severe security consequences depending upon\nthe application code.\n\nPlease update the json gem to version 2.3.0 or later. You can use gem\nupdate json to update it. If you are using bundler, please add gem\n'json', '>= 2.3.0' to your Gemfile.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.ruby-lang.org/en/news/2020/03/19/json-dos-cve-2020-10663/\"\n );\n # https://vuxml.freebsd.org/freebsd/40194e1c-6d89-11ea-8082-80ee73419af3.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5e54143b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/26\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"rubygem-json<2.3.0\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:pkg_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:31:52", "description": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe object creation vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.\n\nFor Debian 8 'Jessie', this problem has been fixed in version 2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-01T00:00:00", "type": "nessus", "title": "Debian DLA-2192-1 : ruby2.1 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libruby2.1", "p-cpe:/a:debian:debian_linux:ruby2.1", "p-cpe:/a:debian:debian_linux:ruby2.1-dev", "p-cpe:/a:debian:debian_linux:ruby2.1-doc", "p-cpe:/a:debian:debian_linux:ruby2.1-tcltk", "cpe:/o:debian:debian_linux:8.0"], "id": "DEBIAN_DLA-2192.NASL", "href": "https://www.tenable.com/plugins/nessus/136202", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-2192-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136202);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2020-10663\");\n\n script_name(english:\"Debian DLA-2192-1 : ruby2.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an unsafe\nobject creation vulnerability. This is quite similar to CVE-2013-0269,\nbut does not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a\nmalicious object within the interpreter, with adverse effects that are\napplication-dependent.\n\nFor Debian 8 'Jessie', this problem has been fixed in version\n2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/jessie/ruby2.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby2.1-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"8.0\", prefix:\"libruby2.1\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-dev\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-doc\", reference:\"2.1.5-2+deb8u10\")) flag++;\nif (deb_check(release:\"8.0\", prefix:\"ruby2.1-tcltk\", reference:\"2.1.5-2+deb8u10\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T15:18:17", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1426 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-31T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby19 (ALAS-2020-1426)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby19", "p-cpe:/a:amazon:linux:ruby19-debuginfo", "p-cpe:/a:amazon:linux:ruby19-devel", "p-cpe:/a:amazon:linux:ruby19-doc", "p-cpe:/a:amazon:linux:ruby19-irb", "p-cpe:/a:amazon:linux:ruby19-libs", "p-cpe:/a:amazon:linux:ruby21", "p-cpe:/a:amazon:linux:ruby21-debuginfo", "p-cpe:/a:amazon:linux:ruby21-devel", "p-cpe:/a:amazon:linux:ruby21-doc", "p-cpe:/a:amazon:linux:ruby21-irb", "p-cpe:/a:amazon:linux:ruby21-libs", "p-cpe:/a:amazon:linux:rubygem19-bigdecimal", "p-cpe:/a:amazon:linux:rubygem19-io-console", "p-cpe:/a:amazon:linux:rubygem19-json", "p-cpe:/a:amazon:linux:rubygem19-minitest", "p-cpe:/a:amazon:linux:rubygem19-rake", "p-cpe:/a:amazon:linux:rubygem19-rdoc", "p-cpe:/a:amazon:linux:rubygem21-bigdecimal", "p-cpe:/a:amazon:linux:rubygem21-io-console", "p-cpe:/a:amazon:linux:rubygem21-psych", "p-cpe:/a:amazon:linux:rubygems19", "p-cpe:/a:amazon:linux:rubygems19-devel", "p-cpe:/a:amazon:linux:rubygems21", "p-cpe:/a:amazon:linux:rubygems21-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1426.NASL", "href": "https://www.tenable.com/plugins/nessus/140094", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1426.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140094);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2020-10663\");\n script_bugtraq_id(57899);\n script_xref(name:\"ALAS\", value:\"2020-1426\");\n\n script_name(english:\"Amazon Linux AMI : ruby19 (ALAS-2020-1426)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the ALAS-2020-1426 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to\n cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a\n crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as\n demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation\n Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1426.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10663\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ruby19' to update your system.\n Run 'yum update ruby21' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0269\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby19-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby21-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem19-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems19\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems19-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems21\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems21-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'ruby19-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-debuginfo-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-debuginfo-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-devel-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-devel-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-doc-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-doc-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby19-irb-1.9.3.551-33.71.amzn1', 'release':'ALA'},\n {'reference':'ruby19-libs-1.9.3.551-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby19-libs-1.9.3.551-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-debuginfo-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-debuginfo-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-devel-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-devel-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'ruby21-doc-2.1.9-1.23.amzn1', 'release':'ALA'},\n {'reference':'ruby21-irb-2.1.9-1.23.amzn1', 'release':'ALA'},\n {'reference':'ruby21-libs-2.1.9-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'ruby21-libs-2.1.9-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-bigdecimal-1.1.0-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem19-bigdecimal-1.1.0-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-io-console-0.3-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem19-io-console-0.3-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-json-1.5.5-33.71.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem19-json-1.5.5-33.71.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem19-minitest-2.5.1-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygem19-rake-0.9.2.2-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygem19-rdoc-3.9.5-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygem21-bigdecimal-1.2.4-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-bigdecimal-1.2.4-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-io-console-0.4.3-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-io-console-0.4.3-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-psych-2.0.5-1.23.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-psych-2.0.5-1.23.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygems19-1.8.23.2-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygems19-devel-1.8.23.2-33.71.amzn1', 'release':'ALA'},\n {'reference':'rubygems21-2.2.5-1.23.amzn1', 'release':'ALA'},\n {'reference':'rubygems21-devel-2.2.5-1.23.amzn1', 'release':'ALA'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby19 / ruby19-debuginfo / ruby19-devel / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T15:18:37", "description": "The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2020-1423 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-08-31T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : rubygem-json-debuginfo (ALAS-2020-1423)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:rubygem-json-debuginfo", "p-cpe:/a:amazon:linux:rubygem18-json", "p-cpe:/a:amazon:linux:rubygem18-json-doc", "p-cpe:/a:amazon:linux:rubygem20-json", "p-cpe:/a:amazon:linux:rubygem20-json-doc", "p-cpe:/a:amazon:linux:rubygem21-json", "p-cpe:/a:amazon:linux:rubygem21-json-doc", "p-cpe:/a:amazon:linux:rubygem22-json", "p-cpe:/a:amazon:linux:rubygem22-json-doc", "p-cpe:/a:amazon:linux:rubygem23-json", "p-cpe:/a:amazon:linux:rubygem23-json-doc", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1423.NASL", "href": "https://www.tenable.com/plugins/nessus/140093", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1423.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140093);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2013-0269\", \"CVE-2020-10663\");\n script_bugtraq_id(57899);\n script_xref(name:\"ALAS\", value:\"2020-1423\");\n\n script_name(english:\"Amazon Linux AMI : rubygem-json-debuginfo (ALAS-2020-1423)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of tested product installed on the remote host is prior to tested version. It is, therefore, affected by\nmultiple vulnerabilities as referenced in the ALAS-2020-1423 advisory.\n\n - The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for Ruby allows remote attackers to\n cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a\n crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects, as\n demonstrated by conducting a SQL injection attack against Ruby on Rails, aka Unsafe Object Creation\n Vulnerability. (CVE-2013-0269)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1423.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10663\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update rubygem-json' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-0269\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/31\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-json-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem18-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem18-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem21-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem22-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem22-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem23-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem23-json-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\npkgs = [\n {'reference':'rubygem-json-debuginfo-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem-json-debuginfo-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem18-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem18-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem18-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem18-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem20-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem20-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem20-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem20-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem21-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem21-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem22-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem22-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem22-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem22-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem23-json-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem23-json-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'},\n {'reference':'rubygem23-json-doc-1.8.3-1.53.amzn1', 'cpu':'i686', 'release':'ALA'},\n {'reference':'rubygem23-json-doc-1.8.3-1.53.amzn1', 'cpu':'x86_64', 'release':'ALA'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"rubygem-json-debuginfo / rubygem18-json / rubygem18-json-doc / etc\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T06:39:55", "description": "The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2020:2462 advisory.\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2022-02-09T00:00:00", "type": "nessus", "title": "Rocky Linux 8 : pcs (RLSA-2020:2462)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2022-02-14T00:00:00", "cpe": ["p-cpe:/a:rocky:linux:pcs", "p-cpe:/a:rocky:linux:pcs-snmp", "p-cpe:/a:rocky:linux:rubygem-abrt", "p-cpe:/a:rocky:linux:rubygem-abrt-doc", "p-cpe:/a:rocky:linux:rubygem-bson", "p-cpe:/a:rocky:linux:rubygem-bson-debuginfo", "p-cpe:/a:rocky:linux:rubygem-bson-debugsource", "p-cpe:/a:rocky:linux:rubygem-bson-doc", "p-cpe:/a:rocky:linux:rubygem-bundler", "p-cpe:/a:rocky:linux:rubygem-bundler-doc", "p-cpe:/a:rocky:linux:rubygem-mongo", "p-cpe:/a:rocky:linux:rubygem-mongo-doc", "p-cpe:/a:rocky:linux:rubygem-mysql2", "p-cpe:/a:rocky:linux:rubygem-mysql2-debuginfo", "p-cpe:/a:rocky:linux:rubygem-mysql2-debugsource", "p-cpe:/a:rocky:linux:rubygem-mysql2-doc", "p-cpe:/a:rocky:linux:rubygem-pg", "p-cpe:/a:rocky:linux:rubygem-pg-debuginfo", "p-cpe:/a:rocky:linux:rubygem-pg-debugsource", "p-cpe:/a:rocky:linux:rubygem-pg-doc", "cpe:/o:rocky:linux:8"], "id": "ROCKY_LINUX_RLSA-2020-2462.NASL", "href": "https://www.tenable.com/plugins/nessus/157830", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Rocky Linux Security Advisory RLSA-2020:2462.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(157830);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/02/14\");\n\n script_cve_id(\"CVE-2020-10663\");\n script_xref(name:\"RLSA\", value:\"2020:2462\");\n\n script_name(english:\"Rocky Linux 8 : pcs (RLSA-2020:2462)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Rocky Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nRLSA-2020:2462 advisory.\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.rockylinux.org/RLSA-2020:2462\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1827500\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1832914\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1838084\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1840158\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/24\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/07/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/02/09\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pcs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:pcs-snmp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-abrt\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-abrt-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bson-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bundler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-bundler-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mongo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mongo-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-mysql2-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:rocky:linux:rubygem-pg-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:rocky:linux:8\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Rocky Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RockyLinux/release\", \"Host/RockyLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RockyLinux/release');\nif (isnull(release) || 'Rocky Linux' >!< release) audit(AUDIT_OS_NOT, 'Rocky Linux');\nvar os_ver = pregmatch(pattern: \"Rocky(?: Linux)? release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');\nvar os_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);\n\nif (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);\n\nvar pkgs = [\n {'reference':'pcs-0.10.8-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-0.10.8-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.8-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'pcs-snmp-0.10.8-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-0.3.0-4.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-abrt-doc-0.3.0-4.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.3'},\n {'reference':'rubygem-bson-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.3'},\n {'reference':'rubygem-bson-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.5'},\n {'reference':'rubygem-bson-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-4.5'},\n {'reference':'rubygem-bson-debuginfo-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.3'},\n {'reference':'rubygem-bson-debuginfo-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.3'},\n {'reference':'rubygem-bson-debuginfo-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.5'},\n {'reference':'rubygem-bson-debuginfo-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debuginfo-4.5'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.3'},\n {'reference':'rubygem-bson-debugsource-4.3.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.3'},\n {'reference':'rubygem-bson-debugsource-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.5'},\n {'reference':'rubygem-bson-debugsource-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-debugsource-4.5'},\n {'reference':'rubygem-bson-doc-4.3.0-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-doc-4.3'},\n {'reference':'rubygem-bson-doc-4.5.0-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-bson-doc-4.5'},\n {'reference':'rubygem-bundler-1.16.1-3.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bundler-doc-1.16.1-3.module+el8.4.0+592+03ff458a', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-mongo-2.5.1-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-2.5'},\n {'reference':'rubygem-mongo-2.8.0-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-2.8'},\n {'reference':'rubygem-mongo-doc-2.5.1-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-doc-2.5'},\n {'reference':'rubygem-mongo-doc-2.8.0-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mongo-doc-2.8'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.4'},\n {'reference':'rubygem-mysql2-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.4'},\n {'reference':'rubygem-mysql2-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.5'},\n {'reference':'rubygem-mysql2-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-0.5'},\n {'reference':'rubygem-mysql2-debuginfo-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.4'},\n {'reference':'rubygem-mysql2-debuginfo-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.4'},\n {'reference':'rubygem-mysql2-debuginfo-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.5'},\n {'reference':'rubygem-mysql2-debuginfo-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debuginfo-0.5'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.4'},\n {'reference':'rubygem-mysql2-debugsource-0.4.10-4.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.4'},\n {'reference':'rubygem-mysql2-debugsource-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.5'},\n {'reference':'rubygem-mysql2-debugsource-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-debugsource-0.5'},\n {'reference':'rubygem-mysql2-doc-0.4.10-4.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-doc-0.4'},\n {'reference':'rubygem-mysql2-doc-0.5.2-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-mysql2-doc-0.5'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.0'},\n {'reference':'rubygem-pg-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.0'},\n {'reference':'rubygem-pg-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.1'},\n {'reference':'rubygem-pg-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-1.1'},\n {'reference':'rubygem-pg-debuginfo-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.0'},\n {'reference':'rubygem-pg-debuginfo-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.0'},\n {'reference':'rubygem-pg-debuginfo-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.1'},\n {'reference':'rubygem-pg-debuginfo-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debuginfo-1.1'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.0'},\n {'reference':'rubygem-pg-debugsource-1.0.0-2.module+el8.4.0+592+03ff458a', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.0'},\n {'reference':'rubygem-pg-debugsource-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.1'},\n {'reference':'rubygem-pg-debugsource-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-debugsource-1.1'},\n {'reference':'rubygem-pg-doc-1.0.0-2.module+el8.4.0+592+03ff458a', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-doc-1.0'},\n {'reference':'rubygem-pg-doc-1.1.4-1.module+el8.4.0+593+8d7f9f0c', 'release':'8', 'el_string':'el8.4.0', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'rubygem-pg-doc-1.1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'Rocky-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && release && (!exists_check || rpm_exists(release:release, rpm:exists_check))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'pcs / pcs-snmp / rubygem-abrt / rubygem-abrt-doc / rubygem-bson / etc');\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:45:17", "description": "Updated ruby packages fix security vulnerabilities :\n\nShugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed untainted strings to be modified in protective safe levels. An attacker could use this flaw to bypass intended access restrictions (CVE-2012-4466, CVE-2012-4481).\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory (CVE-2013-1821).", "cvss3": {}, "published": "2013-04-20T00:00:00", "type": "nessus", "title": "Mandriva Linux Security Advisory : ruby (MDVSA-2013:124)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-4466", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:mandriva:linux:ruby", "p-cpe:/a:mandriva:linux:ruby-devel", "p-cpe:/a:mandriva:linux:ruby-doc", "p-cpe:/a:mandriva:linux:ruby-tk", "cpe:/o:mandriva:business_server:1"], "id": "MANDRIVA_MDVSA-2013-124.NASL", "href": "https://www.tenable.com/plugins/nessus/66136", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandriva Linux Security Advisory MDVSA-2013:124. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(66136);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2012-4466\", \"CVE-2012-4481\", \"CVE-2013-1821\");\n script_bugtraq_id(55757, 55813, 58141);\n script_xref(name:\"MDVSA\", value:\"2013:124\");\n script_xref(name:\"MGASA\", value:\"2012-0294\");\n script_xref(name:\"MGASA\", value:\"2013-0092\");\n\n script_name(english:\"Mandriva Linux Security Advisory : ruby (MDVSA-2013:124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandriva Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages fix security vulnerabilities :\n\nShugo Maedo and Vit Ondruch discovered that Ruby incorrectly allowed\nuntainted strings to be modified in protective safe levels. An\nattacker could use this flaw to bypass intended access restrictions\n(CVE-2012-4466, CVE-2012-4481).\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory (CVE-2013-1821).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:ruby-tk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:business_server:1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/04/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/20\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"ruby-1.8.7.p358-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"ruby-devel-1.8.7.p358-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", reference:\"ruby-doc-1.8.7.p358-2.1.mbs1\")) flag++;\nif (rpm_check(release:\"MDK-MBS1\", cpu:\"x86_64\", reference:\"ruby-tk-1.8.7.p358-2.1.mbs1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-13T15:00:21", "description": "It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011-0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through 1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify strings via the Exception#to_s method, as demonstrated by changing an intended pathname. (CVE-2011-1005)", "cvss3": {}, "published": "2013-09-04T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby (ALAS-2013-173)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1005", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2018-04-18T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby", "p-cpe:/a:amazon:linux:ruby-debuginfo", "p-cpe:/a:amazon:linux:ruby-devel", "p-cpe:/a:amazon:linux:ruby-irb", "p-cpe:/a:amazon:linux:ruby-libs", "p-cpe:/a:amazon:linux:ruby-rdoc", "p-cpe:/a:amazon:linux:ruby-ri", "p-cpe:/a:amazon:linux:ruby-static", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2013-173.NASL", "href": "https://www.tenable.com/plugins/nessus/69732", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2013-173.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(69732);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/04/18 15:09:35\");\n\n script_cve_id(\"CVE-2011-1005\", \"CVE-2012-4481\", \"CVE-2013-1821\");\n script_xref(name:\"ALAS\", value:\"2013-173\");\n script_xref(name:\"RHSA\", value:\"2013:0612\");\n\n script_name(english:\"Amazon Linux AMI : ruby (ALAS-2013-173)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011-0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could\nuse this flaw to bypass safe level 4 restrictions, allowing untrusted\n(tainted) code to modify arbitrary, trusted (untainted) strings, which\nsafe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe safe-level feature in Ruby 1.8.6 through 1.8.6-420, 1.8.7 through\n1.8.7-330, and 1.8.8dev allows context-dependent attackers to modify\nstrings via the Exception#to_s method, as demonstrated by changing an\nintended pathname. (CVE-2011-1005)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2013-173.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ruby' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/09/04\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ruby-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-debuginfo-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-devel-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-irb-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-libs-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-rdoc-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-ri-1.8.7.371-2.25.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby-static-1.8.7.371-2.25.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-irb / ruby-libs / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:44:10", "description": "Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-03-10T00:00:00", "type": "nessus", "title": "CentOS 6 : ruby (CESA-2013:0612)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1005", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2021-01-04T00:00:00", "cpe": ["p-cpe:/a:centos:centos:ruby", "p-cpe:/a:centos:centos:ruby-devel", "p-cpe:/a:centos:centos:ruby-docs", "p-cpe:/a:centos:centos:ruby-irb", "p-cpe:/a:centos:centos:ruby-libs", "p-cpe:/a:centos:centos:ruby-rdoc", "p-cpe:/a:centos:centos:ruby-ri", "p-cpe:/a:centos:centos:ruby-static", "p-cpe:/a:centos:centos:ruby-tcltk", "cpe:/o:centos:centos:6"], "id": "CENTOS_RHSA-2013-0612.NASL", "href": "https://www.tenable.com/plugins/nessus/65166", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0612 and \n# CentOS Errata and Security Advisory 2013:0612 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65166);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\");\n script_bugtraq_id(55813, 58141);\n script_xref(name:\"RHSA\", value:\"2013:0612\");\n\n script_name(english:\"CentOS 6 : ruby (CESA-2013:0612)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could\nuse this flaw to bypass safe level 4 restrictions, allowing untrusted\n(tainted) code to modify arbitrary, trusted (untainted) strings, which\nsafe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2013-March/019633.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c2063ca6\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2013-1821\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/10\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 6.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-devel-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-docs-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-irb-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-libs-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-rdoc-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-ri-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-static-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"CentOS-6\", reference:\"ruby-tcltk-1.8.7.352-10.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-rdoc / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-02-13T15:03:15", "description": "Several vulnerabilities have been discovered in the interpreter for the Ruby language. The Common Vulnerabilities and Exposures project identifies the following problems :\n\n - CVE-2013-1821 Ben Murphy discovered that unrestricted entity expansion in REXML can lead to a Denial of Service by consuming all host memory.\n\n - CVE-2013-4073 William (B.J.) Snow Orvis discovered a vulnerability in the hostname checking in Ruby's SSL client that could allow man-in-the-middle attackers to spoof SSL servers via a crafted certificate issued by a trusted certification authority.\n\n - CVE-2013-4164 Charlie Somerville discovered that Ruby incorrectly handled floating point number conversion. If an application using Ruby accepted untrusted input strings and converted them to floating point numbers, an attacker able to provide such input could cause the application to crash or, possibly, execute arbitrary code with the privileges of the application.", "cvss3": {}, "published": "2013-12-05T00:00:00", "type": "nessus", "title": "Debian DSA-2809-1 : ruby1.8 - several vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821", "CVE-2013-4073", "CVE-2013-4164"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:ruby1.8", "cpe:/o:debian:debian_linux:6.0", "cpe:/o:debian:debian_linux:7.0"], "id": "DEBIAN_DSA-2809.NASL", "href": "https://www.tenable.com/plugins/nessus/71220", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-2809. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(71220);\n script_version(\"1.13\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2013-1821\", \"CVE-2013-4073\", \"CVE-2013-4164\");\n script_bugtraq_id(58141, 60843, 63873);\n script_xref(name:\"DSA\", value:\"2809\");\n\n script_name(english:\"Debian DSA-2809-1 : ruby1.8 - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language. The Common Vulnerabilities and Exposures project\nidentifies the following problems :\n\n - CVE-2013-1821\n Ben Murphy discovered that unrestricted entity expansion\n in REXML can lead to a Denial of Service by consuming\n all host memory.\n\n - CVE-2013-4073\n William (B.J.) Snow Orvis discovered a vulnerability in\n the hostname checking in Ruby's SSL client that could\n allow man-in-the-middle attackers to spoof SSL servers\n via a crafted certificate issued by a trusted\n certification authority.\n\n - CVE-2013-4164\n Charlie Somerville discovered that Ruby incorrectly\n handled floating point number conversion. If an\n application using Ruby accepted untrusted input strings\n and converted them to floating point numbers, an\n attacker able to provide such input could cause the\n application to crash or, possibly, execute arbitrary\n code with the privileges of the application.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702526\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=714541\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=730189\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-1821\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4073\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/CVE-2013-4164\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze/ruby1.8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/ruby1.8\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2013/dsa-2809\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the ruby1.8 packages.\n\nFor the oldstable distribution (squeeze), these problems have been\nfixed in version 1.8.7.302-2squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed\nin version 1.8.7.358-7.1+deb7u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/12/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/12/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.8\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.8-dbg\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ri1.8\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8-dev\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8-elisp\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.8-examples\", reference:\"1.8.7.302-2squeeze2\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libruby1.8\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libruby1.8-dbg\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libtcltk-ruby1.8\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ri1.8\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.8\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.8-dev\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.8-examples\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"ruby1.8-full\", reference:\"1.8.7.358-7.1+deb7u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-07T14:29:17", "description": "It was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the SLSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "nessus", "title": "Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20130307)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1005", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:fermilab:scientific_linux:ruby", "p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo", "p-cpe:/a:fermilab:scientific_linux:ruby-devel", "p-cpe:/a:fermilab:scientific_linux:ruby-docs", "p-cpe:/a:fermilab:scientific_linux:ruby-irb", "p-cpe:/a:fermilab:scientific_linux:ruby-libs", "p-cpe:/a:fermilab:scientific_linux:ruby-rdoc", "p-cpe:/a:fermilab:scientific_linux:ruby-ri", "p-cpe:/a:fermilab:scientific_linux:ruby-static", "p-cpe:/a:fermilab:scientific_linux:ruby-tcltk", "x-cpe:/o:fermilab:scientific_linux"], "id": "SL_20130307_RUBY_ON_SL6_X.NASL", "href": "https://www.tenable.com/plugins/nessus/65094", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65094);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2011-1005\", \"CVE-2012-4481\", \"CVE-2013-1821\");\n\n script_name(english:\"Scientific Linux Security Update : ruby on SL6.x i386/x86_64 (20130307)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"It was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the SLSA-2011:0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could\nuse this flaw to bypass safe level 4 restrictions, allowing untrusted\n(tainted) code to modify arbitrary, trusted (untainted) strings, which\nsafe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1303&L=scientific-linux-errata&T=0&P=2967\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?620a24f5\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fermilab:scientific_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/03/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nos_ver = pregmatch(pattern: \"Scientific Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Scientific Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Scientific Linux 6.x\", \"Scientific Linux \" + os_ver);\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL6\", reference:\"ruby-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-debuginfo-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-devel-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-docs-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-irb-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-libs-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-rdoc-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-ri-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-static-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"SL6\", reference:\"ruby-tcltk-1.8.7.352-10.el6_4\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-11T14:49:07", "description": "From Red Hat Security Advisory 2013:0612 :\n\nUpdated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-07-12T00:00:00", "type": "nessus", "title": "Oracle Linux 6 : ruby (ELSA-2013-0612)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1005", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:ruby", "p-cpe:/a:oracle:linux:ruby-devel", "p-cpe:/a:oracle:linux:ruby-docs", "p-cpe:/a:oracle:linux:ruby-irb", "p-cpe:/a:oracle:linux:ruby-libs", "p-cpe:/a:oracle:linux:ruby-rdoc", "p-cpe:/a:oracle:linux:ruby-ri", "p-cpe:/a:oracle:linux:ruby-static", "p-cpe:/a:oracle:linux:ruby-tcltk", "cpe:/o:oracle:linux:6"], "id": "ORACLELINUX_ELSA-2013-0612.NASL", "href": "https://www.tenable.com/plugins/nessus/68782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2013:0612 and \n# Oracle Linux Security Advisory ELSA-2013-0612 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(68782);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\");\n script_bugtraq_id(55813, 58141);\n script_xref(name:\"RHSA\", value:\"2013:0612\");\n\n script_name(english:\"Oracle Linux 6 : ruby (ELSA-2013-0612)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2013:0612 :\n\nUpdated ruby packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could\nuse this flaw to bypass safe level 4 restrictions, allowing untrusted\n(tainted) code to modify arbitrary, trusted (untainted) strings, which\nsafe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2013-March/003340.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:6\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 6\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL6\", reference:\"ruby-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-devel-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-docs-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-irb-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-libs-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-rdoc-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-ri-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-static-1.8.7.352-10.el6_4\")) flag++;\nif (rpm_check(release:\"EL6\", reference:\"ruby-tcltk-1.8.7.352-10.el6_4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-devel / ruby-docs / ruby-irb / ruby-libs / ruby-rdoc / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:45:01", "description": "Updated ruby packages that fix two security issues are now available for Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML entity expansion. An attacker could use this flaw to cause a denial of service by tricking a Ruby application using REXML to read text nodes from specially crafted XML content, which will result in REXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the CVE-2011-1005 issue, a flaw in the method for translating an exception message into a string in the Exception class. A remote attacker could use this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted) code to modify arbitrary, trusted (untainted) strings, which safe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages, which contain backported patches to resolve these issues.", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "nessus", "title": "RHEL 6 : ruby (RHSA-2013:0612)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1005", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2021-01-14T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:ruby", "p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo", "p-cpe:/a:redhat:enterprise_linux:ruby-devel", "p-cpe:/a:redhat:enterprise_linux:ruby-docs", "p-cpe:/a:redhat:enterprise_linux:ruby-irb", "p-cpe:/a:redhat:enterprise_linux:ruby-libs", "p-cpe:/a:redhat:enterprise_linux:ruby-rdoc", "p-cpe:/a:redhat:enterprise_linux:ruby-ri", "p-cpe:/a:redhat:enterprise_linux:ruby-static", "p-cpe:/a:redhat:enterprise_linux:ruby-tcltk", "cpe:/o:redhat:enterprise_linux:6", "cpe:/o:redhat:enterprise_linux:6.4"], "id": "REDHAT-RHSA-2013-0612.NASL", "href": "https://www.tenable.com/plugins/nessus/65085", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2013:0612. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65085);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\");\n script_bugtraq_id(55813, 58141);\n script_xref(name:\"RHSA\", value:\"2013:0612\");\n\n script_name(english:\"RHEL 6 : ruby (RHSA-2013:0612)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated ruby packages that fix two security issues are now available\nfor Red Hat Enterprise Linux 6.\n\nThe Red Hat Security Response Team has rated this update as having\nmoderate security impact. Common Vulnerability Scoring System (CVSS)\nbase scores, which give detailed severity ratings, are available for\neach vulnerability from the CVE links in the References section.\n\nRuby is an extensible, interpreted, object-oriented, scripting\nlanguage. It has features to process text files and to do system\nmanagement tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict\nXML entity expansion. An attacker could use this flaw to cause a\ndenial of service by tricking a Ruby application using REXML to read\ntext nodes from specially crafted XML content, which will result in\nREXML consuming large amounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could\nuse this flaw to bypass safe level 4 restrictions, allowing untrusted\n(tainted) code to modify arbitrary, trusted (untainted) strings, which\nsafe level 4 restrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages,\nwhich contain backported patches to resolve these issues.\"\n );\n # https://rhn.redhat.com/errata/RHSA-2011-0910.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2011:0910\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2013:0612\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2012-4481\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2013-1821\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-ri\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:6.4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/04/09\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/03/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^6([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 6.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2013:0612\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-debuginfo-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-devel-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-docs-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-docs-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-docs-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-irb-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-irb-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-irb-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", reference:\"ruby-libs-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-rdoc-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-rdoc-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-rdoc-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-ri-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-ri-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-ri-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-static-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-static-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-static-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"i686\", reference:\"ruby-tcltk-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"s390x\", reference:\"ruby-tcltk-1.8.7.352-10.el6_4\")) flag++;\n\n if (rpm_check(release:\"RHEL6\", cpu:\"x86_64\", reference:\"ruby-tcltk-1.8.7.352-10.el6_4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / ruby-docs / ruby-irb / etc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-11T14:44:07", "description": "The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 9.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2018-04-20T00:00:00", "type": "nessus", "title": "Oracle WebLogic Server Multiple Vulnerabilities (April 2018 CPU)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768", "CVE-2017-5645", "CVE-2018-2628"], "modified": "2022-09-08T00:00:00", "cpe": ["cpe:/a:oracle:fusion_middleware", "cpe:/a:oracle:weblogic_server"], "id": "ORACLE_WEBLOGIC_SERVER_CPU_APR_2018.NASL", "href": "https://www.tenable.com/plugins/nessus/109201", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(109201);\n script_version(\"1.21\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/09/08\");\n\n script_cve_id(\"CVE-2013-1768\", \"CVE-2017-5645\", \"CVE-2018-2628\");\n script_bugtraq_id(60534, 97702);\n script_xref(name:\"CISA-KNOWN-EXPLOITED\", value:\"2022/09/29\");\n\n script_name(english:\"Oracle WebLogic Server Multiple Vulnerabilities (April 2018 CPU)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"An application server installed on the remote host is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Oracle WebLogic Server installed on the remote host is\naffected by multiple vulnerabilities\");\n # https://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixFMW\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?4e39ef65\");\n # https://www.tenable.com/blog/critical-oracle-weblogic-server-flaw-still-not-patched\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?9cf2dde7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the appropriate patch according to the April 2018 Oracle\nCritical Patch Update advisory.\n\nNote that the patch for CVE-2018-2628 is reportedly incomplete.\nRefer to Oracle for any additional patch instructions or\nmitigation options.\");\n script_set_attribute(attribute:\"agent\", value:\"all\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:H/RL:O/RC:X\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-2628\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_set_attribute(attribute:\"metasploit_name\", value:'Oracle Weblogic Server Deserialization RCE');\n script_set_attribute(attribute:\"exploit_framework_metasploit\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/04/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/04/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:fusion_middleware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:oracle:weblogic_server\");\n script_set_attribute(attribute:\"thorough_tests\", value:\"true\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"oracle_weblogic_server_installed.nbin\", \"os_fingerprint.nasl\");\n script_require_keys(\"installed_sw/Oracle WebLogic Server\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"install_func.inc\");\ninclude(\"spad_log_func.inc\");\n\napp_name = \"Oracle WebLogic Server\";\n\ninstall = get_single_install(app_name:app_name, exit_if_unknown_ver:TRUE);\nohome = install[\"Oracle Home\"];\nsubdir = install[\"path\"];\nversion = install[\"version\"];\n\nfix = NULL;\nfix_ver = NULL;\nspad_log(message:\"checking version [\" + version + \"]\");\nif (version =~ \"^10\\.3\\.6\\.0\")\n{\n fix_ver = \"10.3.6.0.180417\";\n fix = make_list('GFWX', 'B47X'); # Smart Patch Update ID, only 10.3.6.0 has a smart patch update id\n}\nelse if (version =~ \"^12\\.1\\.3\\.0\")\n{\n fix_ver = \"12.1.3.0.180417\";\n fix = make_list(\"27419391\", \"27919943\");\n}\nelse if (version =~ \"^12\\.2\\.1\\.2\")\n{\n fix_ver = \"12.2.1.2.180417\";\n fix = make_list(\"27338939\",\"27741413\");\n}\nelse if (version =~ \"^12\\.2\\.1\\.3\")\n{\n fix_ver = \"12.2.1.3.180417\";\n fix = make_list(\"27342434\", \"27912627\");\n}\nelse\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n\nspad_log(message:\"checking fix [\" + obj_rep(fix) + \"]\");\nPATCHED=FALSE;\n\n# Iterate over the list of patches and check the install for the patchID\nforeach id (fix)\n{\n spad_log(message:\"Checking fix id: [\" + id +\"]\");\n if (install[id])\n {\n PATCHED=TRUE;\n break;\n }\n}\n\nVULN=FALSE;\nif (ver_compare(ver:version, fix:fix_ver, strict:FALSE) == -1)\n VULN=TRUE;\n\nif (PATCHED || !VULN)\n audit(AUDIT_INST_PATH_NOT_VULN, app_name, version, subdir);\n\nos = get_kb_item_or_exit(\"Host/OS\");\nif ('windows' >< tolower(os))\n{\n port = get_kb_item(\"SMB/transport\");\n if (!port) port = 445;\n}\nelse port = 0;\n\nreport =\n '\\n Oracle Home : ' + ohome +\n '\\n Install path : ' + subdir +\n '\\n Version : ' + version +\n '\\n Fixes : ' + join(sep:\", \", fix);\n\nsecurity_report_v4(extra:report, severity:SECURITY_HOLE, port:port);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-25T14:35:20", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-25T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2020-1691)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-10933"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-openssl", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1691.NASL", "href": "https://www.tenable.com/plugins/nessus/137798", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137798);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.6.0 : ruby (EulerOS-SA-2020-1691)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7,\n 2.6.x through 2.6.5, and 2.7.0. If a victim calls\n BasicSocket#read_nonblock(requested_size, buffer,\n exception: false), the method resizes the buffer to fit\n the requested size, but no data is copied. Thus, the\n buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the\n interpreter.(CVE-2020-10933)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1691\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2e474eb4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10933\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-openssl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-irb-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-libs-2.5.1-98.h8.eulerosv2r8\",\n \"rubygem-bigdecimal-1.3.4-98.h8.eulerosv2r8\",\n \"rubygem-io-console-0.4.6-98.h8.eulerosv2r8\",\n \"rubygem-json-2.1.0-98.h8.eulerosv2r8\",\n \"rubygem-openssl-2.1.0-98.h8.eulerosv2r8\",\n \"rubygem-psych-3.0.2-98.h8.eulerosv2r8\",\n \"rubygem-rdoc-6.0.1-98.h8.eulerosv2r8\",\n \"rubygems-2.7.6-98.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:34:29", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-05-26T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : ruby (EulerOS-SA-2020-1590)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-10933"], "modified": "2022-05-13T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1590.NASL", "href": "https://www.tenable.com/plugins/nessus/136868", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136868);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/13\");\n\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n\n script_name(english:\"EulerOS 2.0 SP8 : ruby (EulerOS-SA-2020-1590)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7,\n 2.6.x through 2.6.5, and 2.7.0. If a victim calls\n BasicSocket#read_nonblock(requested_size, buffer,\n exception: false), the method resizes the buffer to fit\n the requested size, but no data is copied. Thus, the\n buffer string provides the previous value of the heap.\n This may expose possibly sensitive data from the\n interpreter.(CVE-2020-10933)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1590\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1126f8ae\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10933\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-irb-2.5.1-98.h8.eulerosv2r8\",\n \"ruby-libs-2.5.1-98.h8.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-01-25T14:36:09", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-06-02T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1615)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2019-16201", "CVE-2020-10663"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1615.NASL", "href": "https://www.tenable.com/plugins/nessus/137033", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137033);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-16201\",\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : ruby (EulerOS-SA-2020-1615)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7,\n 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a\n regular expression Denial of Service cause by\n looping/backtracking. A victim must expose a WEBrick\n server that uses DigestAuth to the Internet or a\n untrusted network.(CVE-2019-16201)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1615\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5b5b6975\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10663\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h25.eulerosv2r7\",\n \"ruby-irb-2.0.0.648-33.h25.eulerosv2r7\",\n \"ruby-libs-2.0.0.648-33.h25.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-01-11T15:19:32", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n - There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.(CVE-2020-8130)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-08T00:00:00", "type": "nessus", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.4, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 6.9, "vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-8130"], "modified": "2022-05-12T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2020-1955.NASL", "href": "https://www.tenable.com/plugins/nessus/140325", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140325);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/12\");\n\n script_cve_id(\"CVE-2020-8130\", \"CVE-2020-10663\");\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : ruby (EulerOS-SA-2020-1955)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerabilities :\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\n - There is an OS command injection vulnerability in Ruby\n Rake < 12.3.3 in Rake::FileList when supplying a\n filename that begins with the pipe character\n `|`.(CVE-2020-8130)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1955\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?40ed6847\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-8130\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2020-10663\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h26\",\n \"ruby-irb-2.0.0.648-33.h26\",\n \"ruby-libs-2.0.0.648-33.h26\",\n \"rubygem-bigdecimal-1.2.0-33.h26\",\n \"rubygem-io-console-0.4.2-33.h26\",\n \"rubygem-json-1.7.7-33.h26\",\n \"rubygem-psych-2.0.0-33.h26\",\n \"rubygem-rdoc-4.0.0-33.h26\",\n \"rubygems-2.0.14.1-33.h26\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 6.9, "vector": "AV:L/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2023-01-11T15:18:54", "description": "An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.\n(CVE-2018-16396)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269 , but does not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent. (CVE-2020-10663)", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : ruby20 (ALAS-2020-1416)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2018-16396", "CVE-2020-10663"], "modified": "2022-01-26T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby20", "p-cpe:/a:amazon:linux:ruby20-debuginfo", "p-cpe:/a:amazon:linux:ruby20-devel", "p-cpe:/a:amazon:linux:ruby20-doc", "p-cpe:/a:amazon:linux:ruby20-irb", "p-cpe:/a:amazon:linux:ruby20-libs", "p-cpe:/a:amazon:linux:rubygem20-bigdecimal", "p-cpe:/a:amazon:linux:rubygem20-io-console", "p-cpe:/a:amazon:linux:rubygem20-psych", "p-cpe:/a:amazon:linux:rubygems20", "p-cpe:/a:amazon:linux:rubygems20-devel", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2020-1416.NASL", "href": "https://www.tenable.com/plugins/nessus/139550", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2020-1416.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139550);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/01/26\");\n\n script_cve_id(\"CVE-2018-16396\", \"CVE-2020-10663\");\n script_xref(name:\"ALAS\", value:\"2020-1416\");\n\n script_name(english:\"Amazon Linux AMI : ruby20 (ALAS-2020-1416)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5,\n2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint\nstrings that result from unpacking tainted strings with some formats.\n(CVE-2018-16396)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through\n2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object\nCreation Vulnerability. This is quite similar to CVE-2013-0269 , but\ndoes not rely on poor garbage-collection behavior within Ruby.\nSpecifically, use of JSON parsing methods can lead to creation of a\nmalicious object within the interpreter, with adverse effects that are\napplication-dependent. (CVE-2020-10663)\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2020-1416.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ruby20' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2018-16396\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2018/11/16\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/08/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby20-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem20-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems20\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems20-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-debuginfo-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-devel-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-doc-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-irb-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ruby20-libs-2.0.0.648-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-bigdecimal-1.2.0-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-io-console-0.4.2-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygem20-psych-2.0.0-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems20-2.0.14.1-1.33.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"rubygems20-devel-2.0.14.1-1.33.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby20 / ruby20-debuginfo / ruby20-devel / ruby20-doc / ruby20-irb / etc\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:42:03", "description": "Jean-Philippe Aumasson discovered that Ruby incorrectly generated predictable hash values. An attacker could use this issue to generate hash collisions and cause a denial of service. (CVE-2012-5371)\n\nEvgeny Ermakov discovered that documentation generated by rdoc is vulnerable to a cross-site scripting issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify the contents, or steal confidential data, within the same domain.\n(CVE-2013-0256)\n\nThomas Hollstegge and Ben Murphy discovered that the JSON implementation in Ruby incorrectly handled certain crafted documents.\nAn attacker could use this issue to cause a denial of service or bypass certain protection mechanisms. (CVE-2013-0269).\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "nessus", "title": "Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1733-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2019-09-19T00:00:00", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:libruby1.9.1", "p-cpe:/a:canonical:ubuntu_linux:ruby1.9.1", "cpe:/o:canonical:ubuntu_linux:12.04:-:lts", "cpe:/o:canonical:ubuntu_linux:12.10"], "id": "UBUNTU_USN-1733-1.NASL", "href": "https://www.tenable.com/plugins/nessus/64799", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-1733-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(64799);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2019/09/19 12:54:28\");\n\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0256\", \"CVE-2013-0269\");\n script_bugtraq_id(56484, 57785, 57899);\n script_xref(name:\"USN\", value:\"1733-1\");\n\n script_name(english:\"Ubuntu 12.04 LTS / 12.10 : ruby1.9.1 vulnerabilities (USN-1733-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jean-Philippe Aumasson discovered that Ruby incorrectly generated\npredictable hash values. An attacker could use this issue to generate\nhash collisions and cause a denial of service. (CVE-2012-5371)\n\nEvgeny Ermakov discovered that documentation generated by rdoc is\nvulnerable to a cross-site scripting issue. With cross-site scripting\nvulnerabilities, if a user were tricked into viewing a specially\ncrafted page, a remote attacker could exploit this to modify the\ncontents, or steal confidential data, within the same domain.\n(CVE-2013-0256)\n\nThomas Hollstegge and Ben Murphy discovered that the JSON\nimplementation in Ruby incorrectly handled certain crafted documents.\nAn attacker could use this issue to cause a denial of service or\nbypass certain protection mechanisms. (CVE-2013-0269).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/1733-1/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected libruby1.9.1 and / or ruby1.9.1 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:12.10\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/02/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2013-2019 Canonical, Inc. / NASL script (C) 2013-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! preg(pattern:\"^(12\\.04|12\\.10)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 12.04 / 12.10\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"12.04\", pkgname:\"libruby1.9.1\", pkgver:\"1.9.3.0-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"12.04\", pkgname:\"ruby1.9.1\", pkgver:\"1.9.3.0-1ubuntu2.5\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"libruby1.9.1\", pkgver:\"1.9.3.194-1ubuntu1.3\")) flag++;\nif (ubuntu_check(osver:\"12.10\", pkgname:\"ruby1.9.1\", pkgver:\"1.9.3.194-1ubuntu1.3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libruby1.9.1 / ruby1.9.1\");\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-11T14:58:22", "description": "Two vulnerabilities were identified in the Ruby language interpreter, version 1.9.1.\n\nCVE-2012-5371\n\nJean-Philippe Aumasson identified that Ruby computed hash values without properly restricting the ability to trigger hash collisions predictably, allowing context-dependent attackers to cause a denial of service (CPU consumption). This is a different vulnerability than CVE-2011-4815.\n\nCVE-2013-0269\n\nThomas Hollstegge and Ben Murphy found that the JSON gem for Ruby allowed remote attackers to cause a denial of service (resource consumption) or bypass the mass assignment protection mechanism via a crafted JSON document that triggers the creation of arbitrary Ruby symbols or certain internal objects.\n\nFor the squeeze distribution, theses vulnerabilities have been fixed in version 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you upgrade your ruby1.9.1 package.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2015-07-02T00:00:00", "type": "nessus", "title": "Debian DLA-263-1 : ruby1.9.1 security update", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-4815", "CVE-2012-5371", "CVE-2013-0269"], "modified": "2021-01-11T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:libruby1.9.1", "p-cpe:/a:debian:debian_linux:libruby1.9.1-dbg", "p-cpe:/a:debian:debian_linux:libtcltk-ruby1.9.1", "p-cpe:/a:debian:debian_linux:ri1.9.1", "p-cpe:/a:debian:debian_linux:ruby1.9.1", "p-cpe:/a:debian:debian_linux:ruby1.9.1-dev", "p-cpe:/a:debian:debian_linux:ruby1.9.1-elisp", "p-cpe:/a:debian:debian_linux:ruby1.9.1-examples", "p-cpe:/a:debian:debian_linux:ruby1.9.1-full", "cpe:/o:debian:debian_linux:6.0"], "id": "DEBIAN_DLA-263.NASL", "href": "https://www.tenable.com/plugins/nessus/84494", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-263-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(84494);\n script_version(\"2.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0269\");\n script_bugtraq_id(56484, 57899);\n\n script_name(english:\"Debian DLA-263-1 : ruby1.9.1 security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Two vulnerabilities were identified in the Ruby language interpreter,\nversion 1.9.1.\n\nCVE-2012-5371\n\nJean-Philippe Aumasson identified that Ruby computed hash values\nwithout properly restricting the ability to trigger hash collisions\npredictably, allowing context-dependent attackers to cause a denial of\nservice (CPU consumption). This is a different vulnerability than\nCVE-2011-4815.\n\nCVE-2013-0269\n\nThomas Hollstegge and Ben Murphy found that the JSON gem for Ruby\nallowed remote attackers to cause a denial of service (resource\nconsumption) or bypass the mass assignment protection mechanism via a\ncrafted JSON document that triggers the creation of arbitrary Ruby\nsymbols or certain internal objects.\n\nFor the squeeze distribution, theses vulnerabilities have been fixed\nin version 1.9.2.0-2+deb6u5 of ruby1.9.1. We recommend that you\nupgrade your ruby1.9.1 package.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/07/msg00000.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/ruby1.9.1\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libruby1.9.1-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libtcltk-ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ri1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-elisp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-examples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:ruby1.9.1-full\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/07/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libruby1.9.1-dbg\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libtcltk-ruby1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ri1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-dev\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-elisp\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-examples\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"ruby1.9.1-full\", reference:\"1.9.2.0-2+deb6u5\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-02-07T14:30:33", "description": "The remote host is affected by the vulnerability described in GLSA-201412-27 (Ruby: Denial of Service)\n\n Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A context-dependent attacker could possibly execute arbitrary code with the privileges of the process, cause a Denial of Service condition, or bypass security restrictions.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2014-12-15T00:00:00", "type": "nessus", "title": "GLSA-201412-27 : Ruby: Denial of Service", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-0188", "CVE-2011-1004", "CVE-2011-1005", "CVE-2011-4815", "CVE-2012-4481", "CVE-2012-5371", "CVE-2013-0269", "CVE-2013-1821", "CVE-2013-4164", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:ruby", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201412-27.NASL", "href": "https://www.tenable.com/plugins/nessus/79980", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201412-27.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(79980);\n script_version(\"1.8\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-4815\", \"CVE-2012-4481\", \"CVE-2012-5371\", \"CVE-2013-0269\", \"CVE-2013-1821\", \"CVE-2013-4164\", \"CVE-2014-8080\", \"CVE-2014-8090\");\n script_bugtraq_id(46458, 46460, 46966, 51198, 55813, 56484, 57899, 58141, 63873, 70935, 71230);\n script_xref(name:\"GLSA\", value:\"201412-27\");\n\n script_name(english:\"GLSA-201412-27 : Ruby: Denial of Service\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201412-27\n(Ruby: Denial of Service)\n\n Multiple vulnerabilities have been discovered in Ruby. Please review the\n CVE identifiers referenced below for details.\n \nImpact :\n\n A context-dependent attacker could possibly execute arbitrary code with\n the privileges of the process, cause a Denial of Service condition, or\n bypass security restrictions.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201412-27\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Ruby 1.9 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/ruby-1.9.3_p551'\n All Ruby 2.0 users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=dev-lang/ruby-2.0.0_p598'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/12/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/12/15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"dev-lang/ruby\", unaffected:make_list(\"rge 1.9.3_p551\", \"ge 2.0.0_p598\"), vulnerable:make_list(\"lt 2.0.0_p598\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-02-07T14:31:21", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.i1/4^CVE-2014-8080i1/4%0\n\n - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.i1/4^CVE-2014-8090i1/4%0\n\n - Off-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.(CVE-2014-4975)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2018-11-21T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.5.1 : ruby (EulerOS-SA-2018-1374)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821", "CVE-2014-4975", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2021-04-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:2.5.1"], "id": "EULEROS_SA-2018-1374.NASL", "href": "https://www.tenable.com/plugins/nessus/119065", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(119065);\n script_version(\"1.38\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/04/08\");\n\n script_cve_id(\n \"CVE-2014-4975\",\n \"CVE-2014-8080\",\n \"CVE-2014-8090\"\n );\n script_bugtraq_id(\n 68474,\n 70935,\n 71230\n );\n\n script_name(english:\"EulerOS Virtualization 2.5.1 : ruby (EulerOS-SA-2018-1374)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x\n before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote\n attackers to cause a denial of service (memory\n consumption) via a crafted XML document, aka an XML\n Entity Expansion (XEE) attack.i1/4^CVE-2014-8080i1/4%0\n\n - The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel\n 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x\n before 2.1.5 allows remote attackers to cause a denial\n of service (CPU and memory consumption) a crafted XML\n document containing an empty string in an entity that\n is used in a large number of nested entity references,\n aka an XML Entity Expansion (XEE) attack. NOTE: this\n vulnerability exists because of an incomplete fix for\n CVE-2013-1821 and CVE-2014-8080.i1/4^CVE-2014-8090i1/4%0\n\n - Off-by-one error in the encodes function in pack.c in\n Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when\n using certain format string specifiers, allows\n context-dependent attackers to cause a denial of\n service (segmentation fault) via vectors that trigger a\n stack-based buffer overflow.(CVE-2014-4975)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1374\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?688a1521\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.5.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.5.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.5.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.353-23.h9\",\n \"ruby-irb-2.0.0.353-23.h9\",\n \"ruby-libs-2.0.0.353-23.h9\",\n \"rubygem-bigdecimal-1.2.0-23.h9\",\n \"rubygem-io-console-0.4.2-23.h9\",\n \"rubygem-json-1.7.7-23.h9\",\n \"rubygem-psych-2.0.0-23.h9\",\n \"rubygem-rdoc-4.0.0-23.h9\",\n \"rubygems-2.0.14-23.h9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-01-25T14:37:23", "description": "The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4882-1 advisory.\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter. (CVE-2020-10933)\n\n - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. (CVE-2020-25613)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-03-23T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Ruby vulnerabilities (USN-4882-1)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-10933", "CVE-2020-25613"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:lts", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.10", "p-cpe:/a:canonical:ubuntu_linux:libruby2.3", "p-cpe:/a:canonical:ubuntu_linux:libruby2.5", "p-cpe:/a:canonical:ubuntu_linux:libruby2.7", "p-cpe:/a:canonical:ubuntu_linux:ruby2.3", "p-cpe:/a:canonical:ubuntu_linux:ruby2.3-dev", "p-cpe:/a:canonical:ubuntu_linux:ruby2.3-tcltk", "p-cpe:/a:canonical:ubuntu_linux:ruby2.5", "p-cpe:/a:canonical:ubuntu_linux:ruby2.5-dev", "p-cpe:/a:canonical:ubuntu_linux:ruby2.7", "p-cpe:/a:canonical:ubuntu_linux:ruby2.7-dev"], "id": "UBUNTU_USN-4882-1.NASL", "href": "https://www.tenable.com/plugins/nessus/147970", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4882-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(147970);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\", \"CVE-2020-25613\");\n script_xref(name:\"USN\", value:\"4882-1\");\n\n script_name(english:\"Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 : Ruby vulnerabilities (USN-4882-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 20.10 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the USN-4882-1 advisory.\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\n - An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls\n BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit\n the requested size, but no data is copied. Thus, the buffer string provides the previous value of the\n heap. This may expose possibly sensitive data from the interpreter. (CVE-2020-10933)\n\n - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a\n simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An\n attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header\n check), which may lead to an HTTP Request Smuggling attack. (CVE-2020-25613)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4882-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25613\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/03/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/03/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby2.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libruby2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.3-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.3-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.5\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.5-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ruby2.7-dev\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2021-2023 Canonical, Inc. / NASL script (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04|20\\.10)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04 / 20.10', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '16.04', 'pkgname': 'libruby2.3', 'pkgver': '2.3.1-2~ubuntu16.04.15'},\n {'osver': '16.04', 'pkgname': 'ruby2.3', 'pkgver': '2.3.1-2~ubuntu16.04.15'},\n {'osver': '16.04', 'pkgname': 'ruby2.3-dev', 'pkgver': '2.3.1-2~ubuntu16.04.15'},\n {'osver': '16.04', 'pkgname': 'ruby2.3-tcltk', 'pkgver': '2.3.1-2~ubuntu16.04.15'},\n {'osver': '18.04', 'pkgname': 'libruby2.5', 'pkgver': '2.5.1-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'ruby2.5', 'pkgver': '2.5.1-1ubuntu1.8'},\n {'osver': '18.04', 'pkgname': 'ruby2.5-dev', 'pkgver': '2.5.1-1ubuntu1.8'},\n {'osver': '20.04', 'pkgname': 'libruby2.7', 'pkgver': '2.7.0-5ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'ruby2.7', 'pkgver': '2.7.0-5ubuntu1.3'},\n {'osver': '20.04', 'pkgname': 'ruby2.7-dev', 'pkgver': '2.7.0-5ubuntu1.3'},\n {'osver': '20.10', 'pkgname': 'libruby2.7', 'pkgver': '2.7.1-3ubuntu1.2'},\n {'osver': '20.10', 'pkgname': 'ruby2.7', 'pkgver': '2.7.1-3ubuntu1.2'},\n {'osver': '20.10', 'pkgname': 'ruby2.7-dev', 'pkgver': '2.7.1-3ubuntu1.2'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libruby2.3 / libruby2.5 / libruby2.7 / ruby2.3 / ruby2.3-dev / etc');\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-03-22T14:37:41", "description": "The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2021-1641 advisory.\n\n - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header check), which may lead to an HTTP Request Smuggling attack. (CVE-2020-25613)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application- dependent. (CVE-2020-10663)\n\n - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute arbitrary code via | and tags in a filename. (CVE-2021-31799)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2021-05-24T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : ruby (ALAS-2021-1641)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2020-25613", "CVE-2021-31799"], "modified": "2023-03-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ruby", "p-cpe:/a:amazon:linux:ruby-debuginfo", "p-cpe:/a:amazon:linux:ruby-devel", "p-cpe:/a:amazon:linux:ruby-doc", "p-cpe:/a:amazon:linux:ruby-irb", "p-cpe:/a:amazon:linux:ruby-libs", "p-cpe:/a:amazon:linux:ruby-tcltk", "p-cpe:/a:amazon:linux:rubygem-bigdecimal", "p-cpe:/a:amazon:linux:rubygem-io-console", "p-cpe:/a:amazon:linux:rubygem-json", "p-cpe:/a:amazon:linux:rubygem-minitest", "p-cpe:/a:amazon:linux:rubygem-psych", "p-cpe:/a:amazon:linux:rubygem-rake", "p-cpe:/a:amazon:linux:rubygem-rdoc", "p-cpe:/a:amazon:linux:rubygems", "p-cpe:/a:amazon:linux:rubygems-devel", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2021-1641.NASL", "href": "https://www.tenable.com/plugins/nessus/149871", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2021-1641.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(149871);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-25613\", \"CVE-2021-31799\");\n script_xref(name:\"ALAS\", value:\"2021-1641\");\n\n script_name(english:\"Amazon Linux 2 : ruby (ALAS-2021-1641)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of ruby installed on the remote host is prior to 2.0.0.648-36. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2021-1641 advisory.\n\n - An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a\n simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value rigorously. An\n attacker may potentially exploit this issue to bypass a reverse proxy (which also has a poor header\n check), which may lead to an HTTP Request Smuggling attack. (CVE-2020-25613)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead\n to creation of a malicious object within the interpreter, with adverse effects that are application-\n dependent. (CVE-2020-10663)\n\n - In RDoc 3.11 through 6.x before 6.3.1, as distributed with Ruby through 3.0.1, it is possible to execute\n arbitrary code via | and tags in a filename. (CVE-2021-31799)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2021-1641.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/../../faqs.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-10663.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2020-25613.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2021-31799.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update ruby' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-25613\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2013/02/11\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ruby-tcltk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-minitest\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-rake\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:rubygems-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'ruby-2.0.0.648-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-2.0.0.648-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-2.0.0.648-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-debuginfo-2.0.0.648-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-debuginfo-2.0.0.648-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-debuginfo-2.0.0.648-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-devel-2.0.0.648-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-devel-2.0.0.648-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-devel-2.0.0.648-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-doc-2.0.0.648-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-irb-2.0.0.648-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.0.0.648-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.0.0.648-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-libs-2.0.0.648-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-tcltk-2.0.0.648-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-tcltk-2.0.0.648-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'ruby-tcltk-2.0.0.648-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bigdecimal-1.2.0-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bigdecimal-1.2.0-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-bigdecimal-1.2.0-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-io-console-0.4.2-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-io-console-0.4.2-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-io-console-0.4.2-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-json-1.7.7-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-json-1.7.7-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-json-1.7.7-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-minitest-4.3.2-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-psych-2.0.0-36.amzn2.0.2', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-psych-2.0.0-36.amzn2.0.2', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-psych-2.0.0-36.amzn2.0.2', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rake-0.9.6-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygem-rdoc-4.0.0-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-2.0.14.1-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'rubygems-devel-2.0.14.1-36.amzn2.0.2', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby / ruby-debuginfo / ruby-devel / etc\");\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2023-02-22T14:14:05", "description": "The ruby interpreter received a fix for two security issues :\n\n - Ruby's $SAFE mechanism enables untrusted user codes to run in $SAFE >= 4 mode. This is a kind of sandboxing so some operations are restricted in that mode to protect other data outside the sandbox. (CVE-2012-4466)\n\n The problem found was around this mechanism.\n Exception#to_s, NameError#to_s, and name_err_mesg_to_s() interpreter-internal API was not correctly handling the $SAFE bits so a String object which is not tainted can destructively be marked as tainted using them. By using this an untrusted code in a sandbox can modify a formerly-untainted string destructively.\n\n http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-446 4-cve-2012-4466/\n\n - Ruby before 1.8.7-p352 does not reset the random seed upon forking, which makes it easier for context-dependent attackers to predict the values of random numbers by leveraging knowledge of the number sequence obtained in a different child process.\n (CVE-2011-2686)\n\n - Fix entity expansion DoS vulnerability in REXML. When reading text nodes from an XML document, the REXML parser could be coerced into allocating extremely large string objects which could consume all available memory on the system. (CVE-2013-1821)", "cvss3": {}, "published": "2013-04-04T00:00:00", "type": "nessus", "title": "SuSE 10 Security Update : ruby (ZYPP Patch Number 8524)", "bulletinFamily": "scanner", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-2686", "CVE-2012-4464", "CVE-2012-4466", "CVE-2012-4522", "CVE-2013-1821"], "modified": "2021-01-19T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_RUBY-8524.NASL", "href": "https://www.tenable.com/plugins/nessus/65799", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\nif (NASL_LEVEL < 3000) exit(0);\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(65799);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2011-2686\", \"CVE-2012-4464\", \"CVE-2012-4466\", \"CVE-2012-4522\", \"CVE-2013-1821\");\n\n script_name(english:\"SuSE 10 Security Update : ruby (ZYPP Patch Number 8524)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The ruby interpreter received a fix for two security issues :\n\n - Ruby's $SAFE mechanism enables untrusted user codes to\n run in $SAFE >= 4 mode. This is a kind of sandboxing so\n some operations are restricted in that mode to protect\n other data outside the sandbox. (CVE-2012-4466)\n\n The problem found was around this mechanism.\n Exception#to_s, NameError#to_s, and name_err_mesg_to_s()\n interpreter-internal API was not correctly handling the\n $SAFE bits so a String object which is not tainted can\n destructively be marked as tainted using them. By using\n this an untrusted code in a sandbox can modify a\n formerly-untainted string destructively.\n\n http://www.ruby-lang.org/en/news/2012/10/12/cve-2012-446\n 4-cve-2012-4466/\n\n - Ruby before 1.8.7-p352 does not reset the random seed\n upon forking, which makes it easier for\n context-dependent attackers to predict the values of\n random numbers by leveraging knowledge of the number\n sequence obtained in a different child process.\n (CVE-2011-2686)\n\n - Fix entity expansion DoS vulnerability in REXML. When\n reading text nodes from an XML document, the REXML\n parser could be coerced into allocating extremely large\n string objects which could consume all available memory\n on the system. (CVE-2013-1821)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2011-2686.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4464.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4466.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2012-4522.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2013-1821.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 8524.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2011/08/05\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2013/03/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/04/04\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:4, reference:\"ruby-1.8.6.p369-0.14.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2023-03-05T15:48:04", "description": "According to the versions of the ruby packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND.\n This leads to a heap-based buffer over-read.(CVE-2019-19204)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the 'command' argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.(CVE-2019-16255)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.(CVE-2019-15845)\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-07-01T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2020-1717)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2019-15845", "CVE-2019-16201", "CVE-2019-16255", "CVE-2019-19204", "CVE-2020-10663"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "p-cpe:/a:huawei:euleros:rubygem-bigdecimal", "p-cpe:/a:huawei:euleros:rubygem-io-console", "p-cpe:/a:huawei:euleros:rubygem-json", "p-cpe:/a:huawei:euleros:rubygem-psych", "p-cpe:/a:huawei:euleros:rubygem-rdoc", "p-cpe:/a:huawei:euleros:rubygems", "cpe:/o:huawei:euleros:uvp:3.0.6.0"], "id": "EULEROS_SA-2020-1717.NASL", "href": "https://www.tenable.com/plugins/nessus/137936", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137936);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-15845\",\n \"CVE-2019-16201\",\n \"CVE-2019-16255\",\n \"CVE-2019-19204\",\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"EulerOS Virtualization 3.0.6.0 : ruby (EulerOS-SA-2020-1717)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security\nupdates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\nVirtualization installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in Oniguruma 6.x before\n 6.9.4_rc2. In the function fetch_interval_quantifier\n (formerly known as fetch_range_quantifier) in\n regparse.c, PFETCH is called without checking PEND.\n This leads to a heap-based buffer\n over-read.(CVE-2019-19204)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x\n through 2.6.4 allows code injection if the first\n argument (aka the 'command' argument) to Shell#[] or\n Shell#test in lib/shell.rb is untrusted data. An\n attacker can exploit this to call an arbitrary Ruby\n method.(CVE-2019-16255)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x\n through 2.6.4 mishandles path checking within\n File.fnmatch functions.(CVE-2019-15845)\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7,\n 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a\n regular expression Denial of Service cause by\n looping/backtracking. A victim must expose a WEBrick\n server that uses DigestAuth to the Internet or a\n untrusted network.(CVE-2019-16201)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1717\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d533db24\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16255\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-bigdecimal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-io-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-psych\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygem-rdoc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:rubygems\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.6.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.6.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.6.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h25\",\n \"ruby-irb-2.0.0.648-33.h25\",\n \"ruby-libs-2.0.0.648-33.h25\",\n \"rubygem-bigdecimal-1.2.0-33.h25\",\n \"rubygem-io-console-0.4.2-33.h25\",\n \"rubygem-json-1.7.7-33.h25\",\n \"rubygem-psych-2.0.0-33.h25\",\n \"rubygem-rdoc-4.0.0-33.h25\",\n \"rubygems-2.0.14.1-33.h25\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2023-03-06T14:44:32", "description": "According to the versions of the ruby packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows HTTP Response Splitting. If a program using WEBrick inserts untrusted input into the response header, an attacker can exploit it to insert a newline character to split a header, and inject malicious content to deceive clients. NOTE: this issue exists because of an incomplete fix for CVE-2017-17742, which addressed the CRLF vector, but did not address an isolated CR or an isolated LF.(CVE-2019-16254)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.(CVE-2019-15845)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the 'command' argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.(CVE-2019-16255)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.1, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2020-09-28T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP3 : ruby (EulerOS-SA-2020-2139)", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "COMPLETE", "integrityImpact": "NONE", "baseScore": 7.8, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2017-17742", "CVE-2019-15845", "CVE-2019-16201", "CVE-2019-16254", "CVE-2019-16255", "CVE-2020-10663"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:ruby", "p-cpe:/a:huawei:euleros:ruby-irb", "p-cpe:/a:huawei:euleros:ruby-libs", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-2139.NASL", "href": "https://www.tenable.com/plugins/nessus/140906", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140906);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-15845\",\n \"CVE-2019-16201\",\n \"CVE-2019-16254\",\n \"CVE-2019-16255\",\n \"CVE-2020-10663\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : ruby (EulerOS-SA-2020-2139)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the ruby packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - WEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7,\n 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a\n regular expression Denial of Service cause by\n looping/backtracking. A victim must expose a WEBrick\n server that uses DigestAuth to the Internet or a\n untrusted network.(CVE-2019-16201)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x\n through 2.6.4 allows HTTP Response Splitting. If a\n program using WEBrick inserts untrusted input into the\n response header, an attacker can exploit it to insert a\n newline character to split a header, and inject\n malicious content to deceive clients. NOTE: this issue\n exists because of an incomplete fix for CVE-2017-17742,\n which addressed the CRLF vector, but did not address an\n isolated CR or an isolated LF.(CVE-2019-16254)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x\n through 2.6.4 mishandles path checking within\n File.fnmatch functions.(CVE-2019-15845)\n\n - Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x\n through 2.6.4 allows code injection if the first\n argument (aka the 'command' argument) to Shell#[] or\n Shell#test in lib/shell.rb is untrusted data. An\n attacker can exploit this to call an arbitrary Ruby\n method.(CVE-2019-16255)\n\n - The JSON gem through 2.2.0 for Ruby, as used in Ruby\n 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through\n 2.6.5, has an Unsafe Object Creation Vulnerability.\n This is quite similar to CVE-2013-0269, but does not\n rely on poor garbage-collection behavior within Ruby.\n Specifically, use of JSON parsing methods can lead to\n creation of a malicious object within the interpreter,\n with adverse effects that are\n application-dependent.(CVE-2020-10663)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-2139\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?2ad10b27\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ruby packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-16255\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-irb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ruby-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"ruby-2.0.0.648-33.h18\",\n \"ruby-irb-2.0.0.648-33.h18\",\n \"ruby-libs-2.0.0.648-33.h18\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ruby\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:38:28", "description": "Fuse ESB Enterprise, based on Apache ServiceMix, provides an integration\nplatform.\n\nThis release of Fuse ESB Enterprise 7.1.0 roll up patch 1 is an update to\nFuse ESB Enterprise 7.1.0 and includes bug fixes. Refer to the readme file\nincluded with the patch files for information about the bug fixes.\n\nThe following security issues are also fixed with this release:\n\nXML encryption backwards compatibility attacks were found against various\nframeworks, including Apache CXF. An attacker could force a server to use\ninsecure, legacy cryptosystems, even when secure cryptosystems were enabled\non endpoints. By forcing the use of legacy cryptosystems, flaws such as\nCVE-2011-1096 and CVE-2011-2487 would be exposed, allowing plain text to be\nrecovered from cryptograms and symmetric keys. (CVE-2012-5575)\n\nNote: Automatic checks to prevent CVE-2012-5575 are only run when\nWS-SecurityPolicy is used to enforce security requirements. It is best\npractice to use WS-SecurityPolicy to enforce security requirements.\n\nA flaw in JRuby's JSON gem allowed remote attacks by creating different\ntypes of malicious objects. For example, it could initiate a denial of\nservice attack through resource consumption by using a JSON document to\ncreate arbitrary Ruby symbols, which were never garbage collected. It could\nalso be exploited to create internal objects which could allow a SQL\ninjection attack. (CVE-2013-0269)\n\nIt was discovered that JRuby's REXML library did not properly restrict XML\nentity expansion. An attacker could use this flaw to cause a denial of\nservice by tricking a Ruby application using REXML to read text nodes from\nspecially-crafted XML content, which will result in REXML consuming large\namounts of system memory. (CVE-2013-1821)\n\nMultiple denial of service flaws were found in the way the Apache CXF\nStAX parser implementation processed certain XML files. If a web service\nutilized the StAX parser, a remote attacker could provide a\nspecially-crafted XML file that, when processed, would lead to excessive\nCPU and memory consumption. (CVE-2013-2160)\n\nNote: Fuse ESB Enterprise 7.1.0 ships JRuby as part of the camel-ruby\ncomponent, which allows users to define Camel routes in Ruby. The default\nuse of JRuby in Fuse ESB Enterprise 7.1.0 does not appear to expose either\nCVE-2013-0269 or CVE-2013-1821. If the version of JRuby shipped with Fuse\nESB Enterprise 7.1.0 was used to build a custom application, then these\nflaws could be exposed.\n\nRed Hat would like to thank Tibor Jager, Kenneth G. Paterson and Juraj\nSomorovsky of Ruhr-University Bochum for reporting CVE-2012-5575; Ruby\non Rails upstream for reporting CVE-2013-0269; and Andreas Falkenberg of\nSEC Consult Deutschland GmbH, and Christian Mainka, Juraj Somorovsky and\nJoerg Schwenk of Ruhr-University Bochum for reporting CVE-2013-2160.\nUpstream acknowledges Thomas Hollstegge of Zweitag and Ben Murphy as the\noriginal reporters of CVE-2013-0269.\n\nAll users of Fuse ESB Enterprise 7.1.0 as provided from the Red Hat\nCustomer Portal are advised to upgrade to Fuse ESB Enterprise 7.1.0 roll up\npatch 1.\n", "cvss3": {"exploitabilityScore": 2.2, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "HIGH", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.9, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2013-07-09T00:00:00", "type": "redhat", "title": "(RHSA-2013:1028) Important: Fuse ESB Enterprise 7.1.0 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1096", "CVE-2011-2487", "CVE-2012-5575", "CVE-2013-0269", "CVE-2013-1821", "CVE-2013-2160"], "modified": "2019-03-22T19:43:54", "id": "RHSA-2013:1028", "href": "https://access.redhat.com/errata/RHSA-2013:1028", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-21T04:45:24", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML\nentity expansion. An attacker could use this flaw to cause a denial of\nservice by tricking a Ruby application using REXML to read text nodes from\nspecially-crafted XML content, which will result in REXML consuming large\namounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages, which\ncontain backported patches to resolve this issue.\n", "cvss3": {}, "published": "2013-03-07T00:00:00", "type": "redhat", "title": "(RHSA-2013:0611) Moderate: ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2017-09-08T08:11:38", "id": "RHSA-2013:0611", "href": "https://access.redhat.com/errata/RHSA-2013:0611", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-10-19T20:35:54", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nA flaw in rubygem-json and ruby193-rubygem-json allowed remote attacks by\ncreating different types of malicious objects. For example, it could\ninitiate a denial of service attack through resource consumption by using a\nJSON document to create arbitrary Ruby symbols, which were never garbage\ncollected. It could also be exploited to create internal objects which\ncould allow a SQL injection attack. (CVE-2013-0269)\n\nIt was found that documentation created by rubygem-rdoc and\nruby193-rubygem-rdoc was vulnerable to a cross-site scripting (XSS) attack.\nIf such documentation was accessible over a network, and a remote attacker\ncould trick a user into visiting a specially-crafted URL, it would lead to\narbitrary web script execution in the context of the user's session. As\nrubygem-rdoc and ruby193-rubygem-rdoc are used for creating documentation\nfor Ruby source files (such as classes, modules, and so on), it is not a\ncommon scenario to make such documentation accessible over the network.\n(CVE-2013-0256)\n\nRed Hat would like to thank Ruby on Rails upstream for reporting\nCVE-2013-0269, and Eric Hodel of RDoc upstream for reporting CVE-2013-0256.\nUpstream acknowledges Thomas Hollstegge of Zweitag and Ben Murphy as the\noriginal reporters of CVE-2013-0269, and Evgeny Ermakov as the original\nreporter of CVE-2013-0256.\n\nUsers of Red Hat OpenShift Enterprise 1.1.3 are advised to upgrade to these\nupdated packages, which correct these issues.\n", "cvss3": {}, "published": "2013-04-02T00:00:00", "type": "redhat", "title": "(RHSA-2013:0701) Moderate: ruby193-ruby, rubygem-json and rubygem-rdoc security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0256", "CVE-2013-0269"], "modified": "2018-06-09T10:17:12", "id": "RHSA-2013:0701", "href": "https://access.redhat.com/errata/RHSA-2013:0701", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-10-19T18:37:25", "description": "Ruby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML\nentity expansion. An attacker could use this flaw to cause a denial of\nservice by tricking a Ruby application using REXML to read text nodes from\nspecially-crafted XML content, which will result in REXML consuming large\namounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could use\nthis flaw to bypass safe level 4 restrictions, allowing untrusted (tainted)\ncode to modify arbitrary, trusted (untainted) strings, which safe level 4\nrestrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\n", "cvss3": {}, "published": "2013-03-07T00:00:00", "type": "redhat", "title": "(RHSA-2013:0612) Moderate: ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2011-1005", "CVE-2012-4481", "CVE-2013-1821"], "modified": "2018-06-06T16:24:35", "id": "RHSA-2013:0612", "href": "https://access.redhat.com/errata/RHSA-2013:0612", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-10-19T20:40:32", "description": "Fuse ESB Enterprise is an integration platform based on Apache ServiceMix.\nFuse MQ Enterprise, based on Apache ActiveMQ, is a standards compliant\nmessaging system that is tailored for use in mission critical applications.\n\nThis release of Fuse ESB Enterprise/MQ Enterprise 7.1.0 R1 P1 is an update\nto Fuse ESB Enterprise 7.1.0 and Fuse MQ Enterprise 7.1.0. It includes bug\nfixes. Refer to the readme file included with the patch files for\ninformation about the bug fixes.\n\nThe following security issues are also fixed with this release:\n\nA flaw was found in the logging performed during deserialization of the\nBrokerFactory class in Apache OpenJPA. A remote attacker able to supply a\nserialized instance of the BrokerFactory class, which will be deserialized\non a server, could use this flaw to write an executable file to the\nserver's file system. (CVE-2013-1768)\n\nRestlet applications, which used ObjectRepresentation to map HTTP request\ndata directly to an object, deserialized arbitrary user-provided XML using\nXMLDecoder. XMLDecoder deserialized an attacker-provided definition of a\nclass and executed its methods. A remote attacker could use this flaw to\nperform remote code execution in the context of the server running the\nRestlet application. (CVE-2013-4221)\n\nA flaw was found in the way Restlet handled deserialization.\nRestlet applications, which used ObjectRepresentation to map HTTP request\ndata directly to an object, deserialized arbitrary user-provided serialized\ndata. A remote attacker could use this flaw to trigger the execution of the\ndeserialization methods in any serializable class deployed on the server.\nThis could lead to a variety of security impacts depending on the\ndeserialization logic of these classes. (CVE-2013-4271)\n\nA flaw was found in Apache Camel's parsing of the FILE_NAME header.\nA remote attacker able to submit messages to a Camel route, which would\nwrite the provided message to a file, could provide expression language\n(EL) expressions in the FILE_NAME header, which would be evaluated on the\nserver. This could lead to arbitrary remote code execution in the context\nof the Camel server process. (CVE-2013-4330)\n\nMultiple stored cross-site scripting (XSS) flaws were found in the Fuse\nManagement Console. A remote attacker could use this flaw to perform an XSS\nattack against other users of the Fuse Management Console. (CVE-2013-4372)\n\nThe CVE-2013-4271 issue was discovered by David Jorm of the Red Hat\nSecurity Response Team.\n\nAll users of Fuse ESB Enterprise/MQ Enterprise 7.1.0 as provided from the\nRed Hat Customer Portal are advised to upgrade to Fuse ESB Enterprise/MQ\nEnterprise 7.1.0 R1 P1.\n", "cvss3": {}, "published": "2013-12-19T00:00:00", "type": "redhat", "title": "(RHSA-2013:1862) Important: Fuse ESB Enterprise/Fuse MQ Enterprise 7.1.0 update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768", "CVE-2013-4221", "CVE-2013-4271", "CVE-2013-4330", "CVE-2013-4372"], "modified": "2019-03-22T19:43:54", "id": "RHSA-2013:1862", "href": "https://access.redhat.com/errata/RHSA-2013:1862", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "ubuntucve": [{"lastseen": "2022-08-04T14:26:04", "description": "lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows\nremote attackers to cause a denial of service (memory consumption and\ncrash) via crafted text nodes in an XML document, aka an XML Entity\nExpansion (XEE) attack.\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702526>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702525>\n", "cvss3": {}, "published": "2013-03-07T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1821", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2013-03-07T00:00:00", "id": "UB:CVE-2013-1821", "href": "https://ubuntu.com/security/CVE-2013-1821", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2022-08-04T14:24:40", "description": "The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x\nbefore 2.2.2 creates local executable JSP files containing logging trace\ndata produced during deserialization of certain crafted OpenJPA objects,\nwhich makes it easier for remote attackers to execute arbitrary code by\ncreating a serialized object and leveraging improperly secured server\nprograms.", "cvss3": {}, "published": "2013-07-11T00:00:00", "type": "ubuntucve", "title": "CVE-2013-1768", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1768"], "modified": "2013-07-11T00:00:00", "id": "UB:CVE-2013-1768", "href": "https://ubuntu.com/security/CVE-2013-1768", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-26T15:54:07", "description": "The JSON gem before 1.5.5, 1.6.x before 1.6.8, and 1.7.x before 1.7.7 for\nRuby allows remote attackers to cause a denial of service (resource\nconsumption) or bypass the mass assignment protection mechanism via a\ncrafted JSON document that triggers the creation of arbitrary Ruby symbols\nor certain internal objects, as demonstrated by conducting a SQL injection\nattack against Ruby on Rails, aka \"Unsafe Object Creation Vulnerability.\"\n\n#### Bugs\n\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700436>\n * <http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700471 (ruby1.9.1)>\n\n\n#### Notes\n\nAuthor| Note \n---|--- \n[seth-arnold](<https://launchpad.net/~seth-arnold>) | 1.7 patch was updated, see second Google groups reference, the upstream patch URL given here is the updated patch.\n", "cvss3": {}, "published": "2013-02-12T00:00:00", "type": "ubuntucve", "title": "CVE-2013-0269", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 7.5, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269"], "modified": "2013-02-12T00:00:00", "id": "UB:CVE-2013-0269", "href": "https://ubuntu.com/security/CVE-2013-0269", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2023-01-27T13:43:31", "description": "The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5\nthrough 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation\nVulnerability. This is quite similar to CVE-2013-0269, but does not rely on\npoor garbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within the\ninterpreter, with adverse effects that are application-dependent.", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-04-28T00:00:00", "type": "ubuntucve", "title": "CVE-2020-10663", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-04-28T00:00:00", "id": "UB:CVE-2020-10663", "href": "https://ubuntu.com/security/CVE-2020-10663", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2022-08-04T14:18:59", "description": "The REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before\n2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to\ncause a denial of service (CPU and memory consumption) a crafted XML\ndocument containing an empty string in an entity that is used in a large\nnumber of nested entity references, aka an XML Entity Expansion (XEE)\nattack. NOTE: this vulnerability exists because of an incomplete fix for\nCVE-2013-1821 and CVE-2014-8080.", "cvss3": {}, "published": "2014-11-14T00:00:00", "type": "ubuntucve", "title": "CVE-2014-8090", "bulletinFamily": "info", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821", "CVE-2014-8080", "CVE-2014-8090"], "modified": "2014-11-14T00:00:00", "id": "UB:CVE-2014-8090", "href": "https://ubuntu.com/security/CVE-2014-8090", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-03-17T23:02:12", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-195)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120094", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120094", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120094\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:17:17 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-195)\");\n script_tag(name:\"insight\", value:\"lib/rexml/text.rb in the REXML parser in Ruby before 1.9.3-p392 allows remote attackers to cause a denial of service (memory consumption and crash) via crafted text nodes in an XML document, aka an XML Entity Expansion (XEE) attack.\");\n script_tag(name:\"solution\", value:\"Run yum update ruby19 to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-195.html\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"ruby19\", rpm:\"ruby19~1.9.3.392~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem19-json\", rpm:\"rubygem19-json~1.5.5~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby19-devel\", rpm:\"ruby19-devel~1.9.3.392~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby19-libs\", rpm:\"ruby19-libs~1.9.3.392~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby19-debuginfo\", rpm:\"ruby19-debuginfo~1.9.3.392~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem19-io-console\", rpm:\"rubygem19-io-console~0.3~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem19-bigdecimal\", rpm:\"rubygem19-bigdecimal~1.1.0~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem19-minitest\", rpm:\"rubygem19-minitest~2.5.1~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby19-irb\", rpm:\"ruby19-irb~1.9.3.392~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems19-devel\", rpm:\"rubygems19-devel~1.8.23~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem19-rdoc\", rpm:\"rubygem19-rdoc~3.9.5~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems19\", rpm:\"rubygems19~1.8.23~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem19-rake\", rpm:\"rubygem19-rake~0.9.2.2~29.38.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-24T11:09:25", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2013:0611 centos5 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2018-01-24T00:00:00", "id": "OPENVAS:881671", "href": "http://plugins.openvas.org/nasl.php?oid=881671", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2013:0611 centos5 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n \n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve this issue.\";\n\n\ntag_affected = \"ruby on CentOS 5\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019271.html\");\n script_id(881671);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:02:05 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0611\");\n script_name(\"CentOS Update for ruby CESA-2013:0611 centos5 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:51:30", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2013:0611-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870954", "href": "http://plugins.openvas.org/nasl.php?oid=870954", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2013:0611-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n\n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve this issue.\";\n\n\ntag_affected = \"ruby on Red Hat Enterprise Linux (v. 5 server)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00023.html\");\n script_id(870954);\n script_version(\"$Revision: 6687 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:46:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:18:38 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2013:0611-01\");\n script_name(\"RedHat Update for ruby RHSA-2013:0611-01\");\n\n script_summary(\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:36:42", "description": "Oracle Linux Local Security Checks ELSA-2013-0611", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0611", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123672", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123672", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0611.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123672\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:04 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0611\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0611 - ruby security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0611\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0611.html\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux5\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux5\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~29.el5_9\", rls:\"OracleLinux5\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2013:0611-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870954", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870954", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2013:0611-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00023.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870954\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:18:38 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0611-01\");\n script_name(\"RedHat Update for ruby RHSA-2013:0611-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_5\");\n script_tag(name:\"affected\", value:\"ruby on Red Hat Enterprise Linux (v. 5 server)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n\n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~29.el5_9\", rls:\"RHENT_5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:13", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.8 USN-1780-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841379", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1780_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ruby1.8 USN-1780-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1780-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841379\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 09:51:16 +0530 (Thu, 28 Mar 2013)\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"USN\", value:\"1780-1\");\n script_name(\"Ubuntu Update for ruby1.8 USN-1780-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby1.8'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|11\\.10|10\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"ruby1.8 on Ubuntu 12.10,\n Ubuntu 12.04 LTS,\n Ubuntu 11.10,\n Ubuntu 10.04 LTS\");\n script_tag(name:\"insight\", value:\"Ben Murphy discovered that the Ruby REXML library incorrectly handled XML\n entity expansion. An attacker could use this flaw to cause Ruby to consume\n large amounts of memory, resulting in a denial of service.\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.352-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.352-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.352-2ubuntu0.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.352-2ubuntu0.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.249-2ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.249-2ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.358-4ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.358-4ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:12", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2013:0611 centos5", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881671", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881671", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2013:0611 centos5\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019271.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881671\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:02:05 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0611\");\n script_name(\"CentOS Update for ruby CESA-2013:0611 centos5\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS5\");\n script_tag(name:\"affected\", value:\"ruby on CentOS 5\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n\n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve this issue.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS5\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-mode\", rpm:\"ruby-mode~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.5~29.el5_9\", rls:\"CentOS5\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2018-01-24T11:09:49", "description": "Check for the Version of ruby1.8", "cvss3": {}, "published": "2013-03-28T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.8 USN-1780-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821"], "modified": "2018-01-24T00:00:00", "id": "OPENVAS:841379", "href": "http://plugins.openvas.org/nasl.php?oid=841379", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1780_1.nasl 8509 2018-01-24 06:57:46Z teissa $\n#\n# Ubuntu Update for ruby1.8 USN-1780-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"ruby1.8 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS ,\n Ubuntu 11.10 ,\n Ubuntu 10.04 LTS\";\ntag_insight = \"Ben Murphy discovered that the Ruby REXML library incorrectly handled XML\n entity expansion. An attacker could use this flaw to cause Ruby to consume\n large amounts of memory, resulting in a denial of service.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1780-1/\");\n script_id(841379);\n script_version(\"$Revision: 8509 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-24 07:57:46 +0100 (Wed, 24 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-28 09:51:16 +0530 (Thu, 28 Mar 2013)\");\n script_cve_id(\"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"1780-1\");\n script_name(\"Ubuntu Update for ruby1.8 USN-1780-1\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby1.8\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.352-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.352-2ubuntu1.2\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.6\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU11.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.352-2ubuntu0.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.352-2ubuntu0.3\", rls:\"UBUNTU11.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU10.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.249-2ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.249-2ubuntu0.3\", rls:\"UBUNTU10.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.358-4ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.358-4ubuntu0.2\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.4\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:09:18", "description": "Check for the Version of jacorb", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "openvas", "title": "Fedora Update for jacorb FEDORA-2013-14159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:866455", "href": "http://plugins.openvas.org/nasl.php?oid=866455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jacorb FEDORA-2013-14159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866455);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 13:12:52 +0530 (Mon, 12 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for jacorb FEDORA-2013-14159\");\n\n tag_insight = \"This package contains the Java implementation of the OMG's CORBA standard\n\";\n\n tag_affected = \"jacorb on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-14159\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113758.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of jacorb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"jacorb\", rpm:\"jacorb~2.3.1~8.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-26T11:09:50", "description": "Check for the Version of cxf", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for cxf FEDORA-2013-14106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2018-01-25T00:00:00", "id": "OPENVAS:866504", "href": "http://plugins.openvas.org/nasl.php?oid=866504", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cxf FEDORA-2013-14106\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866504);\n script_version(\"$Revision: 8526 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-25 07:57:37 +0100 (Thu, 25 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:11:48 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for cxf FEDORA-2013-14106\");\n\n tag_insight = \"Apache CXF is an open-source services framework that aids in\nthe development of services using front-end programming APIs,\nlike JAX-WS and JAX-RS.\n\";\n\n tag_affected = \"cxf on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-14106\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113793.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of cxf\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"cxf\", rpm:\"cxf~2.6.9~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "openvas", "title": "Fedora Update for wss4j FEDORA-2013-14159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866454", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866454", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wss4j FEDORA-2013-14159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866454\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 13:12:50 +0530 (Mon, 12 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for wss4j FEDORA-2013-14159\");\n\n\n script_tag(name:\"affected\", value:\"wss4j on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-14159\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113757.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wss4j'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wss4j\", rpm:\"wss4j~1.6.10~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:51:53", "description": "Check for the Version of wss4j", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for wss4j FEDORA-2013-14106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:866511", "href": "http://plugins.openvas.org/nasl.php?oid=866511", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wss4j FEDORA-2013-14106\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866511);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:14:23 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for wss4j FEDORA-2013-14106\");\n\n tag_insight = \"The Apache WSS4J project provides a Java implementation of the\nprimary security standards for Web Services.\n\";\n\n tag_affected = \"wss4j on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-14106\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113791.html\");\n script_summary(\"Check for the Version of wss4j\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"wss4j\", rpm:\"wss4j~1.6.10~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-02-05T11:10:45", "description": "Check for the Version of cxf", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "openvas", "title": "Fedora Update for cxf FEDORA-2013-14159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2018-02-03T00:00:00", "id": "OPENVAS:866453", "href": "http://plugins.openvas.org/nasl.php?oid=866453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cxf FEDORA-2013-14159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866453);\n script_version(\"$Revision: 8650 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-03 13:16:59 +0100 (Sat, 03 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 13:12:47 +0530 (Mon, 12 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for cxf FEDORA-2013-14159\");\n\n tag_insight = \"Apache CXF is an open-source services framework that aids in\nthe development of services using front-end programming APIs,\nlike JAX-WS and JAX-RS.\n\";\n\n tag_affected = \"cxf on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-14159\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113756.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of cxf\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"cxf\", rpm:\"cxf~2.6.9~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:04", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "openvas", "title": "Fedora Update for cxf FEDORA-2013-14159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866453", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866453", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cxf FEDORA-2013-14159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866453\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 13:12:47 +0530 (Mon, 12 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for cxf FEDORA-2013-14159\");\n\n\n script_tag(name:\"affected\", value:\"cxf on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-14159\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113756.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cxf'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"cxf\", rpm:\"cxf~2.6.9~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:11", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for cxf FEDORA-2013-14106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866504", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866504", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for cxf FEDORA-2013-14106\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866504\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:11:48 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for cxf FEDORA-2013-14106\");\n\n\n script_tag(name:\"affected\", value:\"cxf on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-14106\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113793.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'cxf'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"cxf\", rpm:\"cxf~2.6.9~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:37:48", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for jacorb FEDORA-2013-14106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866477", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866477", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jacorb FEDORA-2013-14106\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866477\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:10:50 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for jacorb FEDORA-2013-14106\");\n\n\n script_tag(name:\"affected\", value:\"jacorb on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-14106\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113792.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jacorb'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"jacorb\", rpm:\"jacorb~2.3.1~8.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for wss4j FEDORA-2013-14106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866511", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866511", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wss4j FEDORA-2013-14106\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866511\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:14:23 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for wss4j FEDORA-2013-14106\");\n\n\n script_tag(name:\"affected\", value:\"wss4j on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-14106\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113791.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'wss4j'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"wss4j\", rpm:\"wss4j~1.6.10~1.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:38:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "openvas", "title": "Fedora Update for jacorb FEDORA-2013-14159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866455", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866455", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jacorb FEDORA-2013-14159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866455\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 13:12:52 +0530 (Mon, 12 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for jacorb FEDORA-2013-14159\");\n\n\n script_tag(name:\"affected\", value:\"jacorb on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-14159\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113758.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'jacorb'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"jacorb\", rpm:\"jacorb~2.3.1~8.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-25T10:51:50", "description": "Check for the Version of jacorb", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for jacorb FEDORA-2013-14106", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2017-07-10T00:00:00", "id": "OPENVAS:866477", "href": "http://plugins.openvas.org/nasl.php?oid=866477", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for jacorb FEDORA-2013-14106\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866477);\n script_version(\"$Revision: 6628 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:32:47 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:10:50 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for jacorb FEDORA-2013-14106\");\n\n tag_insight = \"This package contains the Java implementation of the OMG's CORBA standard\n\";\n\n tag_affected = \"jacorb on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-14106\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113792.html\");\n script_summary(\"Check for the Version of jacorb\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"jacorb\", rpm:\"jacorb~2.3.1~8.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-02-06T13:10:48", "description": "Check for the Version of wss4j", "cvss3": {}, "published": "2013-08-12T00:00:00", "type": "openvas", "title": "Fedora Update for wss4j FEDORA-2013-14159", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-2160"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:866454", "href": "http://plugins.openvas.org/nasl.php?oid=866454", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for wss4j FEDORA-2013-14159\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866454);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-12 13:12:50 +0530 (Mon, 12 Aug 2013)\");\n script_cve_id(\"CVE-2013-2160\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_name(\"Fedora Update for wss4j FEDORA-2013-14159\");\n\n tag_insight = \"The Apache WSS4J project provides a Java implementation of the\nprimary security standards for Web Services.\n\";\n\n tag_affected = \"wss4j on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-14159\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-August/113757.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of wss4j\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"wss4j\", rpm:\"wss4j~1.6.10~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-01-19T15:08:45", "description": "Check for the Version of openjpa", "cvss3": {}, "published": "2013-08-01T00:00:00", "type": "openvas", "title": "Fedora Update for openjpa FEDORA-2013-12960", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1768"], "modified": "2018-01-19T00:00:00", "id": "OPENVAS:866113", "href": "http://plugins.openvas.org/nasl.php?oid=866113", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openjpa FEDORA-2013-12960\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866113);\n script_version(\"$Revision: 8466 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-19 07:58:30 +0100 (Fri, 19 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:24:50 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-1768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for openjpa FEDORA-2013-12960\");\n\n tag_insight = \"OpenJPA is Apache's implementation of Sun's Java Persistence 2.0 API\n(JSR-317 JPA 2.0) specification for the transparent persistence of\nJava objects.\n\nIt is an object-relational mapping (ORM) solution for the Java language,\nwhich simplifies storing objects in databases.\n\";\n\n tag_affected = \"openjpa on Fedora 18\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-12960\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112055.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of openjpa\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"openjpa\", rpm:\"openjpa~2.2.0~3.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:23", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-01T00:00:00", "type": "openvas", "title": "Fedora Update for openjpa FEDORA-2013-12960", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1768"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866113", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866113", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openjpa FEDORA-2013-12960\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866113\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:24:50 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-1768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for openjpa FEDORA-2013-12960\");\n\n\n script_tag(name:\"affected\", value:\"openjpa on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-12960\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112055.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openjpa'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"openjpa\", rpm:\"openjpa~2.2.0~3.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:07", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-01T00:00:00", "type": "openvas", "title": "Fedora Update for openjpa FEDORA-2013-12967", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1768"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866287", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openjpa FEDORA-2013-12967\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866287\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:36:42 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-1768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for openjpa FEDORA-2013-12967\");\n\n\n script_tag(name:\"affected\", value:\"openjpa on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-12967\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112024.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openjpa'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"openjpa\", rpm:\"openjpa~2.2.0~3.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:02", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for openjpa FEDORA-2013-12948", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1768"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310866758", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310866758", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openjpa FEDORA-2013-12948\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.866758\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:26:16 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-1768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for openjpa FEDORA-2013-12948\");\n\n\n script_tag(name:\"affected\", value:\"openjpa on Fedora 19\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"FEDORA\", value:\"2013-12948\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112029.html\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'openjpa'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC19\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"openjpa\", rpm:\"openjpa~2.2.1~6.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-01-26T11:09:54", "description": "Check for the Version of openjpa", "cvss3": {}, "published": "2013-08-01T00:00:00", "type": "openvas", "title": "Fedora Update for openjpa FEDORA-2013-12967", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1768"], "modified": "2018-01-26T00:00:00", "id": "OPENVAS:866287", "href": "http://plugins.openvas.org/nasl.php?oid=866287", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openjpa FEDORA-2013-12967\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866287);\n script_version(\"$Revision: 8542 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-26 07:57:28 +0100 (Fri, 26 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-01 18:36:42 +0530 (Thu, 01 Aug 2013)\");\n script_cve_id(\"CVE-2013-1768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for openjpa FEDORA-2013-12967\");\n\n tag_insight = \"OpenJPA is Apache's implementation of Sun's Java Persistence 2.0 API\n(JSR-317 JPA 2.0) specification for the transparent persistence of\nJava objects.\n\nIt is an object-relational mapping (ORM) solution for the Java language,\nwhich simplifies storing objects in databases.\n\";\n\n tag_affected = \"openjpa on Fedora 17\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-12967\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112024.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of openjpa\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"openjpa\", rpm:\"openjpa~2.2.0~3.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-06T13:10:14", "description": "Check for the Version of openjpa", "cvss3": {}, "published": "2013-08-20T00:00:00", "type": "openvas", "title": "Fedora Update for openjpa FEDORA-2013-12948", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1768"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:866758", "href": "http://plugins.openvas.org/nasl.php?oid=866758", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for openjpa FEDORA-2013-12948\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\nif(description)\n{\n script_id(866758);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-20 15:26:16 +0530 (Tue, 20 Aug 2013)\");\n script_cve_id(\"CVE-2013-1768\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Update for openjpa FEDORA-2013-12948\");\n\n tag_insight = \"OpenJPA is Apache's implementation of Sun's Java Persistence 2.0 API\n(JSR-317 JPA 2.0) specification for the transparent persistence of\nJava objects.\n\nIt is an object-relational mapping (ORM) solution for the Java language,\nwhich simplifies storing objects in databases.\n\";\n\n tag_affected = \"openjpa on Fedora 19\";\n\n tag_solution = \"Please Install the Updated Packages.\";\n\n\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name: \"FEDORA\", value: \"2013-12948\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2013-July/112029.html\");\n script_tag(name: \"summary\" , value: \"Check for the Version of openjpa\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC19\")\n{\n\n if ((res = isrpmvuln(pkg:\"openjpa\", rpm:\"openjpa~2.2.1~6.fc19\", rls:\"FC19\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-02-06T13:10:21", "description": "Check for the Version of rubygem-json", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3052", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2018-02-05T00:00:00", "id": "OPENVAS:865430", "href": "http://plugins.openvas.org/nasl.php?oid=865430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3052\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-json on Fedora 18\";\ntag_insight = \"This is a implementation of the JSON specification according\n to RFC 4627 in Ruby.\n You can think of it as a low fat alternative to XML,\n if you want to store data to disk or transmit it over\n a network rather than use a verbose markup language.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099688.html\");\n script_id(865430);\n script_version(\"$Revision: 8672 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-02-05 17:39:18 +0100 (Mon, 05 Feb 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:16:41 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-3052\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3052\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-json\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-01-18T11:09:17", "description": "Check for the Version of rubygem-json", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3050", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2018-01-17T00:00:00", "id": "OPENVAS:865436", "href": "http://plugins.openvas.org/nasl.php?oid=865436", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3050\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"rubygem-json on Fedora 17\";\ntag_insight = \"This is a implementation of the JSON specification according\n to RFC 4627 in Ruby.\n You can think of it as a low fat alternative to XML,\n if you want to store data to disk or transmit it over\n a network rather than use a verbose markup language.\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099698.html\");\n script_id(865436);\n script_version(\"$Revision: 8448 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-17 17:18:06 +0100 (Wed, 17 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:17:34 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"FEDORA\", value: \"2013-3050\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3050\");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of rubygem-json\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:00", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3052", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865430", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865430", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3052\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099688.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865430\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:16:41 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-3052\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3052\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-json'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC18\");\n script_tag(name:\"affected\", value:\"rubygem-json on Fedora 18\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC18\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc18\", rls:\"FC18\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:28", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "Fedora Update for rubygem-json FEDORA-2013-3050", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310865436", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310865436", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for rubygem-json FEDORA-2013-3050\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.fedoraproject.org/pipermail/package-announce/2013-March/099698.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.865436\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:17:34 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"FEDORA\", value:\"2013-3050\");\n script_name(\"Fedora Update for rubygem-json FEDORA-2013-3050\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'rubygem-json'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC17\");\n script_tag(name:\"affected\", value:\"rubygem-json on Fedora 17\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC17\")\n{\n\n if ((res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.6.8~1.fc17\", rls:\"FC17\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:23", "description": "Oracle Linux Local Security Checks ELSA-2013-0612", "cvss3": {}, "published": "2015-10-06T00:00:00", "type": "openvas", "title": "Oracle Linux Local Check: ELSA-2013-0612", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2013-1821"], "modified": "2018-09-28T00:00:00", "id": "OPENVAS:1361412562310123674", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123674", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2013-0612.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123674\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 14:07:05 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2013-0612\");\n script_tag(name:\"insight\", value:\"ELSA-2013-0612 - ruby security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2013-0612\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2013-0612.html\");\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux6\")\n{\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~10.el6_4\", rls:\"OracleLinux6\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:51:26", "description": "Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821 \nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073 \nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby's SSL client that could allow man-in-the-middle\nattackers to spoof SSL servers via valid certificate issued by a\ntrusted certification authority.", "cvss3": {}, "published": "2013-08-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2738-1 (ruby1.9.1 - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821", "CVE-2013-4073"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892738", "href": "http://plugins.openvas.org/nasl.php?oid=892738", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2738.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2738-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"ruby1.9.1 on Debian Linux\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\nobject-oriented programming. It has many features to process text\nfiles and to do system management tasks (as in perl). It is simple,\nstraight-forward, and extensible.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 1.9.2.0-2+deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.9.3.194-8.1+deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.3.194-8.2.\n\nWe recommend that you upgrade your ruby1.9.1 packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821 \nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073 \nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby's SSL client that could allow man-in-the-middle\nattackers to spoof SSL servers via valid certificate issued by a\ntrusted certification authority.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892738);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-1821\", \"CVE-2013-4073\");\n script_name(\"Debian Security Advisory DSA 2738-1 (ruby1.9.1 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-08-18 00:00:00 +0200 (Sun, 18 Aug 2013)\");\n script_tag(name: \"cvss_base\", value:\"6.8\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2738.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9.1-dbg\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-dev\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-elisp\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-examples\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-full\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.9.1-dbg\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-dev\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-examples\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.1-full\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.9.3\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:38:02", "description": "Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821\nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073\nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby", "cvss3": {}, "published": "2013-08-18T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2738-1 (ruby1.9.1 - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821", "CVE-2013-4073"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892738", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892738", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2738.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2738-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892738\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-1821\", \"CVE-2013-4073\");\n script_name(\"Debian Security Advisory DSA 2738-1 (ruby1.9.1 - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-08-18 00:00:00 +0200 (Sun, 18 Aug 2013)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2738.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"ruby1.9.1 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 1.9.2.0-2+deb6u1.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.9.3.194-8.1+deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.9.3.194-8.2.\n\nWe recommend that you upgrade your ruby1.9.1 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the interpreter for\nthe Ruby language, which may lead to denial of service and other\nsecurity problems. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821\nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073\nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby's SSL client that could allow man-in-the-middle\nattackers to spoof SSL servers via valid certificate issued by a\ntrusted certification authority.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libruby1.9.1-dbg\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ri1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-dev\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-elisp\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-examples\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-full\", ver:\"1.9.2.0-2+deb6u1\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libruby1.9.1-dbg\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtcltk-ruby1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ri1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-dev\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-examples\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.1-full\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.9.3\", ver:\"1.9.3.194-8.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-06T01:15:52", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2020-05-01T00:00:00", "type": "openvas", "title": "Debian LTS: Security Advisory for ruby2.1 (DLA-2192-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-05-01T00:00:00", "id": "OPENVAS:1361412562310892192", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892192", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892192\");\n script_version(\"2020-05-01T03:00:18+0000\");\n script_cve_id(\"CVE-2013-0269\", \"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-01 03:00:18 +0000 (Fri, 01 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-01 03:00:18 +0000 (Fri, 01 May 2020)\");\n script_name(\"Debian LTS: Security Advisory for ruby2.1 (DLA-2192-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n\n script_xref(name:\"URL\", value:\"https://lists.debian.org/debian-lts-announce/2020/04/msg00030.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DLA-2192-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby2.1'\n package(s) announced via the DLA-2192-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.1 has an\nunsafe object creation vulnerability.\nThis is quite similar to CVE-2013-0269, but does not rely on poor\ngarbage-collection behavior within Ruby. Specifically, use of JSON\nparsing methods can lead to creation of a malicious object within\nthe interpreter, with adverse effects that are application-dependent.\");\n\n script_tag(name:\"affected\", value:\"'ruby2.1' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For Debian 8 'Jessie', this problem has been fixed in version\n2.1.5-2+deb8u10.\n\nWe recommend that you upgrade your ruby2.1 packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"libruby2.1\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-dev\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-doc\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"ruby2.1-tcltk\", ver:\"2.1.5-2+deb8u10\", rls:\"DEB8\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-17T15:48:20", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-16T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1686)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-06-16T00:00:00", "id": "OPENVAS:1361412562311220201686", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201686", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1686\");\n script_version(\"2020-06-16T05:50:18+0000\");\n script_cve_id(\"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-16 05:50:18 +0000 (Tue, 16 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-16 05:50:18 +0000 (Tue, 16 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1686)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1686\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1686\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1686 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h17\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h17\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h17\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-07-24T12:51:28", "description": "Several vulnerabilities have been discovered in the interpreter for the\nRuby language. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821 \nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073 \nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby's SSL client that could allow man-in-the-middle\nattackers to spoof SSL servers via a crafted certificate issued by a\ntrusted certification authority.\n\nCVE-2013-4164 \nCharlie Somerville discovered that Ruby incorrectly handled floating\npoint number conversion. If an application using Ruby accepted\nuntrusted input strings and converted them to floating point\nnumbers, an attacker able to provide such input could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the application.", "cvss3": {}, "published": "2013-12-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2809-1 (ruby1.8 - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821", "CVE-2013-4073", "CVE-2013-4164"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:892809", "href": "http://plugins.openvas.org/nasl.php?oid=892809", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2809.nasl 6611 2017-07-07 12:07:20Z cfischer $\n# Auto-generated from advisory DSA 2809-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\n\ntag_affected = \"ruby1.8 on Debian Linux\";\ntag_insight = \"Ruby is the interpreted scripting language for quick and easy\nobject-oriented programming. It has many features to process text\nfiles and to do system management tasks (as in perl). It is simple,\nstraight-forward, and extensible.\";\ntag_solution = \"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 1.8.7.302-2squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.8.7.358-7.1+deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.7.358-9.\n\nWe recommend that you upgrade your ruby1.8 packages.\";\ntag_summary = \"Several vulnerabilities have been discovered in the interpreter for the\nRuby language. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821 \nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073 \nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby's SSL client that could allow man-in-the-middle\nattackers to spoof SSL servers via a crafted certificate issued by a\ntrusted certification authority.\n\nCVE-2013-4164 \nCharlie Somerville discovered that Ruby incorrectly handled floating\npoint number conversion. If an application using Ruby accepted\nuntrusted input strings and converted them to floating point\nnumbers, an attacker able to provide such input could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the application.\";\ntag_vuldetect = \"This check tests the installed software version using the apt package manager.\";\n\nif(description)\n{\n script_id(892809);\n script_version(\"$Revision: 6611 $\");\n script_cve_id(\"CVE-2013-1821\", \"CVE-2013-4164\", \"CVE-2013-4073\");\n script_name(\"Debian Security Advisory DSA 2809-1 (ruby1.8 - several vulnerabilities)\");\n script_tag(name: \"last_modification\", value:\"$Date: 2017-07-07 14:07:20 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value:\"2013-12-04 00:00:00 +0100 (Wed, 04 Dec 2013)\");\n script_tag(name: \"cvss_base\", value:\"6.8\");\n script_tag(name: \"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2013/dsa-2809.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: tag_affected);\n script_tag(name: \"insight\", value: tag_insight);\n# script_tag(name: \"impact\", value: tag_impact);\n script_tag(name: \"solution\", value: tag_solution);\n script_tag(name: \"summary\", value: tag_summary);\n script_tag(name: \"vuldetect\", value: tag_vuldetect);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"ruby1.8-full\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:51:48", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2013:0612-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2013-1821", "CVE-2011-1005"], "modified": "2017-07-12T00:00:00", "id": "OPENVAS:870951", "href": "http://plugins.openvas.org/nasl.php?oid=870951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2013:0612-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n\n It was found that the RHSA-2011:0910 update did not correctly fix the\n CVE-2011-1005 issue, a flaw in the method for translating an exception\n message into a string in the Exception class. A remote attacker could use\n this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted)\n code to modify arbitrary, trusted (untainted) strings, which safe level 4\n restrictions would otherwise prevent. (CVE-2012-4481)\n\n The CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\n\ntag_affected = \"ruby on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00024.html\");\n script_id(870951);\n script_version(\"$Revision: 6687 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:46:43 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:18:25 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\", \"CVE-2011-1005\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"RHSA\", value: \"2013:0612-01\");\n script_name(\"RedHat Update for ruby RHSA-2013:0612-01\");\n\n script_summary(\"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-03-17T23:02:01", "description": "The remote host is missing an update announced via the referenced Security Advisory.", "cvss3": {}, "published": "2015-09-08T00:00:00", "type": "openvas", "title": "Amazon Linux: Security Advisory (ALAS-2013-173)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2013-1821", "CVE-2011-1005"], "modified": "2020-03-13T00:00:00", "id": "OPENVAS:1361412562310120557", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310120557", "sourceData": "# Copyright (C) 2015 Eero Volotinen\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of their respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.120557\");\n script_version(\"2020-03-13T13:19:50+0000\");\n script_tag(name:\"creation_date\", value:\"2015-09-08 13:29:32 +0200 (Tue, 08 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"2020-03-13 13:19:50 +0000 (Fri, 13 Mar 2020)\");\n script_name(\"Amazon Linux: Security Advisory (ALAS-2013-173)\");\n script_tag(name:\"insight\", value:\"Multiple flaws were found in Ruby. Please see the references for more information.\");\n script_tag(name:\"solution\", value:\"Run yum update ruby to update your system.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://alas.aws.amazon.com/ALAS-2013-173.html\");\n script_cve_id(\"CVE-2012-4481\", \"CVE-2011-1005\", \"CVE-2013-1821\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/amazon_linux\", \"ssh/login/release\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"The remote host is missing an update announced via the referenced Security Advisory.\");\n script_copyright(\"Copyright (C) 2015 Eero Volotinen\");\n script_family(\"Amazon Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"AMAZON\") {\n if(!isnull(res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.371~2.25.amzn1\", rls:\"AMAZON\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:38:14", "description": "Several vulnerabilities have been discovered in the interpreter for the\nRuby language. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821\nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073\nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby", "cvss3": {}, "published": "2013-12-04T00:00:00", "type": "openvas", "title": "Debian Security Advisory DSA 2809-1 (ruby1.8 - several vulnerabilities)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-1821", "CVE-2013-4073", "CVE-2013-4164"], "modified": "2019-03-18T00:00:00", "id": "OPENVAS:1361412562310892809", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310892809", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_2809.nasl 14276 2019-03-18 14:43:56Z cfischer $\n# Auto-generated from advisory DSA 2809-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.892809\");\n script_version(\"$Revision: 14276 $\");\n script_cve_id(\"CVE-2013-1821\", \"CVE-2013-4164\", \"CVE-2013-4073\");\n script_name(\"Debian Security Advisory DSA 2809-1 (ruby1.8 - several vulnerabilities)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:43:56 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-12-04 00:00:00 +0100 (Wed, 04 Dec 2013)\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2013/dsa-2809.html\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(6|7)\");\n script_tag(name:\"affected\", value:\"ruby1.8 on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the oldstable distribution (squeeze), these problems have been fixed in\nversion 1.8.7.302-2squeeze2.\n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 1.8.7.358-7.1+deb7u1.\n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 1.8.7.358-9.\n\nWe recommend that you upgrade your ruby1.8 packages.\");\n script_tag(name:\"summary\", value:\"Several vulnerabilities have been discovered in the interpreter for the\nRuby language. The Common Vulnerabilities and Exposures project\nidentifies the following problems:\n\nCVE-2013-1821\nBen Murphy discovered that unrestricted entity expansion in REXML\ncan lead to a Denial of Service by consuming all host memory.\n\nCVE-2013-4073\nWilliam (B.J.) Snow Orvis discovered a vulnerability in the hostname\nchecking in Ruby's SSL client that could allow man-in-the-middle\nattackers to spoof SSL servers via a crafted certificate issued by a\ntrusted certification authority.\n\nCVE-2013-4164\nCharlie Somerville discovered that Ruby incorrectly handled floating\npoint number conversion. If an application using Ruby accepted\nuntrusted input strings and converted them to floating point\nnumbers, an attacker able to provide such input could cause the\napplication to crash or, possibly, execute arbitrary code with the\nprivileges of the application.\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software version using the apt package manager.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8-elisp\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.7.302-2squeeze2\", rls:\"DEB6\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libruby1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libruby1.8-dbg\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libtcltk-ruby1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ri1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8-dev\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8-examples\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"ruby1.8-full\", ver:\"1.8.7.358-7.1+deb7u1\", rls:\"DEB7\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:38:26", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2013:0612 centos6", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2013-1821", "CVE-2011-1005"], "modified": "2019-03-15T00:00:00", "id": "OPENVAS:1361412562310881652", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310881652", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2013:0612 centos6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://lists.centos.org/pipermail/centos-announce/2013-March/019633.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.881652\");\n script_version(\"$Revision: 14222 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 13:50:48 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:00:15 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\", \"CVE-2011-1005\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"CESA\", value:\"2013:0612\");\n script_name(\"CentOS Update for ruby CESA-2013:0612 centos6\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\", re:\"ssh/login/release=CentOS6\");\n script_tag(name:\"affected\", value:\"ruby on CentOS 6\");\n script_tag(name:\"solution\", value:\"Please install the updated packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n\n It was found that the RHSA-2011:0910 update did not correctly fix the\n CVE-2011-1005 issue, a flaw in the method for translating an exception\n message into a string in the Exception class. A remote attacker could use\n this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted)\n code to modify arbitrary, trusted (untainted) strings, which safe level 4\n restrictions would otherwise prevent. (CVE-2012-4481)\n\n The CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2019-05-29T18:37:59", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-03-08T00:00:00", "type": "openvas", "title": "RedHat Update for ruby RHSA-2013:0612-01", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2013-1821", "CVE-2011-1005"], "modified": "2018-11-23T00:00:00", "id": "OPENVAS:1361412562310870951", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310870951", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# RedHat Update for ruby RHSA-2013:0612-01\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"https://www.redhat.com/archives/rhsa-announce/2013-March/msg00024.html\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.870951\");\n script_version(\"$Revision: 12497 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-11-23 09:28:21 +0100 (Fri, 23 Nov 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-08 10:18:25 +0530 (Fri, 08 Mar 2013)\");\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\", \"CVE-2011-1005\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name:\"RHSA\", value:\"2013:0612-01\");\n script_name(\"RedHat Update for ruby RHSA-2013:0612-01\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\", re:\"ssh/login/release=RHENT_6\");\n script_tag(name:\"affected\", value:\"ruby on Red Hat Enterprise Linux Desktop (v. 6),\n Red Hat Enterprise Linux Server (v. 6),\n Red Hat Enterprise Linux Workstation (v. 6)\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n\n It was found that the RHSA-2011:0910 update did not correctly fix the\n CVE-2011-1005 issue, a flaw in the method for translating an exception\n message into a string in the Exception class. A remote attacker could use\n this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted)\n code to modify arbitrary, trusted (untainted) strings, which safe level 4\n restrictions would otherwise prevent. (CVE-2012-4481)\n\n The CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"RHENT_6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-debuginfo\", rpm:\"ruby-debuginfo~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~10.el6_4\", rls:\"RHENT_6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2018-01-18T11:09:41", "description": "Check for the Version of ruby", "cvss3": {}, "published": "2013-03-12T00:00:00", "type": "openvas", "title": "CentOS Update for ruby CESA-2013:0612 centos6 ", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2013-1821", "CVE-2011-1005"], "modified": "2018-01-18T00:00:00", "id": "OPENVAS:881652", "href": "http://plugins.openvas.org/nasl.php?oid=881652", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for ruby CESA-2013:0612 centos6 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Ruby is an extensible, interpreted, object-oriented, scripting language. It\n has features to process text files and to do system management tasks.\n\n It was discovered that Ruby's REXML library did not properly restrict XML\n entity expansion. An attacker could use this flaw to cause a denial of\n service by tricking a Ruby application using REXML to read text nodes from\n specially-crafted XML content, which will result in REXML consuming large\n amounts of system memory. (CVE-2013-1821)\n \n It was found that the RHSA-2011:0910 update did not correctly fix the\n CVE-2011-1005 issue, a flaw in the method for translating an exception\n message into a string in the Exception class. A remote attacker could use\n this flaw to bypass safe level 4 restrictions, allowing untrusted (tainted)\n code to modify arbitrary, trusted (untainted) strings, which safe level 4\n restrictions would otherwise prevent. (CVE-2012-4481)\n \n The CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n \n All users of Ruby are advised to upgrade to these updated packages, which\n contain backported patches to resolve these issues.\";\n\n\ntag_affected = \"ruby on CentOS 6\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.centos.org/pipermail/centos-announce/2013-March/019633.html\");\n script_id(881652);\n script_version(\"$Revision: 8456 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-01-18 07:58:40 +0100 (Thu, 18 Jan 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-03-12 10:00:15 +0530 (Tue, 12 Mar 2013)\");\n script_cve_id(\"CVE-2012-4481\", \"CVE-2013-1821\", \"CVE-2011-1005\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"CESA\", value: \"2013:0612\");\n script_name(\"CentOS Update for ruby CESA-2013:0612 centos6 \");\n\n script_tag(name: \"summary\" , value: \"Check for the Version of ruby\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS6\")\n{\n\n if ((res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-devel\", rpm:\"ruby-devel~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-docs\", rpm:\"ruby-docs~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-rdoc\", rpm:\"ruby-rdoc~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-ri\", rpm:\"ruby-ri~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-static\", rpm:\"ruby-static~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"ruby-tcltk\", rpm:\"ruby-tcltk~1.8.7.352~10.el6_4\", rls:\"CentOS6\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2020-06-03T15:43:39", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-05-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1590)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10933", "CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562311220201590", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201590", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1590\");\n script_version(\"2020-05-29T10:19:35+0000\");\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 10:19:35 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-26 05:46:00 +0000 (Tue, 26 May 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1590)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1590\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1590\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1590 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\n\n\nAn issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-04T15:44:25", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1615)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2013-0269", "CVE-2020-10663", "CVE-2019-16201"], "modified": "2020-06-03T00:00:00", "id": "OPENVAS:1361412562311220201615", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201615", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1615\");\n script_version(\"2020-06-03T06:06:07+0000\");\n script_cve_id(\"CVE-2019-16201\", \"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-06-03 06:06:07 +0000 (Wed, 03 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-03 06:06:07 +0000 (Wed, 03 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1615)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1615\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1615\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1615 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\n\nWEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h25.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h25.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h25.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-06-29T17:55:21", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-06-26T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1691)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10933", "CVE-2013-0269", "CVE-2020-10663"], "modified": "2020-06-26T00:00:00", "id": "OPENVAS:1361412562311220201691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201691", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1691\");\n script_version(\"2020-06-26T07:26:53+0000\");\n script_cve_id(\"CVE-2020-10663\", \"CVE-2020-10933\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:P/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-06-26 07:26:53 +0000 (Fri, 26 Jun 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-06-26 07:26:53 +0000 (Fri, 26 Jun 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1691)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1691\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1691\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1691 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls BasicSocket#read_nonblock(requested_size, buffer, exception: false), the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous value of the heap. This may expose possibly sensitive data from the interpreter.(CVE-2020-10933)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.5.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.3.4~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.6~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~2.1.0~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-openssl\", rpm:\"rubygem-openssl~2.1.0~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~3.0.2~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~6.0.1~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.7.6~98.h8.eulerosv2r8\", rls:\"EULEROSVIRTARM64-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2017-12-04T11:21:55", "description": "Check for the Version of ruby1.9.1", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.9.1 USN-1733-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2017-12-01T00:00:00", "id": "OPENVAS:841320", "href": "http://plugins.openvas.org/nasl.php?oid=841320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1733_1.nasl 7958 2017-12-01 06:47:47Z santu $\n#\n# Ubuntu Update for ruby1.9.1 USN-1733-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Jean-Philippe Aumasson discovered that Ruby incorrectly generated\n predictable hash values. An attacker could use this issue to generate hash\n collisions and cause a denial of service. (CVE-2012-5371)\n\n Evgeny Ermakov discovered that documentation generated by rdoc is\n vulnerable to a cross-site scripting issue. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing a specially crafted\n page, a remote attacker could exploit this to modify the contents, or steal\n confidential data, within the same domain. (CVE-2013-0256)\n \n Thomas Hollstegge and Ben Murphy discovered that the JSON implementation\n in Ruby incorrectly handled certain crafted documents. An attacker could\n use this issue to cause a denial of service or bypass certain protection\n mechanisms. (CVE-2013-0269)\";\n\n\ntag_affected = \"ruby1.9.1 on Ubuntu 12.10 ,\n Ubuntu 12.04 LTS\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-1733-1/\");\n script_id(841320);\n script_version(\"$Revision: 7958 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 07:47:47 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:12:12 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0256\", \"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name: \"USN\", value: \"1733-1\");\n script_name(\"Ubuntu Update for ruby1.9.1 USN-1733-1\");\n\n script_summary(\"Check for the Version of ruby1.9.1\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:37:51", "description": "The remote host is missing an update for the ", "cvss3": {}, "published": "2013-02-22T00:00:00", "type": "openvas", "title": "Ubuntu Update for ruby1.9.1 USN-1733-1", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-5371", "CVE-2013-0256", "CVE-2013-0269"], "modified": "2019-03-13T00:00:00", "id": "OPENVAS:1361412562310841320", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310841320", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_1733_1.nasl 14132 2019-03-13 09:25:59Z cfischer $\n#\n# Ubuntu Update for ruby1.9.1 USN-1733-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_xref(name:\"URL\", value:\"http://www.ubuntu.com/usn/usn-1733-1/\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.841320\");\n script_version(\"$Revision: 14132 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-13 10:25:59 +0100 (Wed, 13 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2013-02-22 10:12:12 +0530 (Fri, 22 Feb 2013)\");\n script_cve_id(\"CVE-2012-5371\", \"CVE-2013-0256\", \"CVE-2013-0269\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_xref(name:\"USN\", value:\"1733-1\");\n script_name(\"Ubuntu Update for ruby1.9.1 USN-1733-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ruby1.9.1'\n package(s) announced via the referenced advisory.\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=UBUNTU(12\\.04 LTS|12\\.10)\");\n script_tag(name:\"affected\", value:\"ruby1.9.1 on Ubuntu 12.10,\n Ubuntu 12.04 LTS\");\n script_tag(name:\"solution\", value:\"Please Install the Updated Packages.\");\n script_tag(name:\"insight\", value:\"Jean-Philippe Aumasson discovered that Ruby incorrectly generated\n predictable hash values. An attacker could use this issue to generate hash\n collisions and cause a denial of service. (CVE-2012-5371)\n\n Evgeny Ermakov discovered that documentation generated by rdoc is\n vulnerable to a cross-site scripting issue. With cross-site scripting\n vulnerabilities, if a user were tricked into viewing a specially crafted\n page, a remote attacker could exploit this to modify the contents, or steal\n confidential data, within the same domain. (CVE-2013-0256)\n\n Thomas Hollstegge and Ben Murphy discovered that the JSON implementation\n in Ruby incorrectly handled certain crafted documents. An attacker could\n use this issue to cause a denial of service or bypass certain protection\n mechanisms. (CVE-2013-0269)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"UBUNTU12.04 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.0-1ubuntu2.5\", rls:\"UBUNTU12.04 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n\n\nif(release == \"UBUNTU12.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"ruby1.9.1\", ver:\"1.9.3.194-1ubuntu1.3\", rls:\"UBUNTU12.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:36:05", "description": "Gentoo Linux Local Security Checks GLSA 201412-27", "cvss3": {}, "published": "2015-09-29T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201412-27", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2012-4481", "CVE-2012-5371", "CVE-2011-0188", "CVE-2013-0269", "CVE-2014-8090", "CVE-2013-1821", "CVE-2011-1005", "CVE-2014-8080", "CVE-2011-1004", "CVE-2013-4164", "CVE-2011-4815"], "modified": "2018-10-26T00:00:00", "id": "OPENVAS:1361412562310121313", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121313", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa-201412-27.nasl 12128 2018-10-26 13:35:25Z cfischer $\n#\n# Gentoo Linux security check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.121313\");\n script_version(\"$Revision: 12128 $\");\n script_tag(name:\"creation_date\", value:\"2015-09-29 11:28:15 +0300 (Tue, 29 Sep 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-26 15:35:25 +0200 (Fri, 26 Oct 2018) $\");\n script_name(\"Gentoo Security Advisory GLSA 201412-27\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been discovered in Ruby. Please review the CVE identifiers referenced below for details.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name:\"URL\", value:\"https://security.gentoo.org/glsa/201412-27\");\n script_cve_id(\"CVE-2011-0188\", \"CVE-2011-1004\", \"CVE-2011-1005\", \"CVE-2011-4815\", \"CVE-2012-4481\", \"CVE-2012-5371\", \"CVE-2013-0269\", \"CVE-2013-1821\", \"CVE-2013-4164\", \"CVE-2014-8080\", \"CVE-2014-8090\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_category(ACT_GATHER_INFO);\n script_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks GLSA 201412-27\");\n script_copyright(\"Eero Volotinen\");\n script_family(\"Gentoo Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"dev-lang/ruby\", unaffected: make_list(\"ge 1.9.3_p551\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/ruby\", unaffected: make_list(\"ge 2.0.0_p598\"), vulnerable: make_list() )) != NULL) {\n\n report += res;\n}\nif((res=ispkgvuln(pkg:\"dev-lang/ruby\", unaffected: make_list(), vulnerable: make_list(\"lt 2.0.0_p598\"))) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:36:40", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-01-23T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1374)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2014-8090", "CVE-2014-4975", "CVE-2013-1821", "CVE-2014-8080"], "modified": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220181374", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220181374", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2018.1374\");\n script_version(\"2020-01-23T11:23:43+0000\");\n script_cve_id(\"CVE-2014-4975\", \"CVE-2014-8080\", \"CVE-2014-8090\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:N/A:N\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:23:43 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:23:43 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2018-1374)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.1\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2018-1374\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1374\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2018-1374 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The REXML parser in Ruby 1.9.x before 1.9.3-p550, 2.0.x before 2.0.0-p594, and 2.1.x before 2.1.4 allows remote attackers to cause a denial of service (memory consumption) via a crafted XML document, aka an XML Entity Expansion (XEE) attack.CVE-2014-8080\n\nThe REXML parser in Ruby 1.9.x before 1.9.3 patchlevel 551, 2.0.x before 2.0.0 patchlevel 598, and 2.1.x before 2.1.5 allows remote attackers to cause a denial of service (CPU and memory consumption) a crafted XML document containing an empty string in an entity that is used in a large number of nested entity references, aka an XML Entity Expansion (XEE) attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-1821 and CVE-2014-8080.CVE-2014-8090\n\nOff-by-one error in the encodes function in pack.c in Ruby 1.9.3 and earlier, and 2.x through 2.1.2, when using certain format string specifiers, allows context-dependent attackers to cause a denial of service (segmentation fault) via vectors that trigger a stack-based buffer overflow.(CVE-2014-4975)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization 2.5.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.353~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.353~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.353~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.2.0~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.2~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.7.7~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~2.0.0~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~4.0.0~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.0.14~23.h9\", rls:\"EULEROSVIRT-2.5.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-07-21T19:54:19", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "cvss3": {}, "published": "2020-07-03T00:00:00", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1717)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-15845", "CVE-2019-19204", "CVE-2013-0269", "CVE-2020-10663", "CVE-2019-16255", "CVE-2019-16201"], "modified": "2020-07-03T00:00:00", "id": "OPENVAS:1361412562311220201717", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201717", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1717\");\n script_version(\"2020-07-03T06:18:33+0000\");\n script_cve_id(\"CVE-2019-15845\", \"CVE-2019-16201\", \"CVE-2019-16255\", \"CVE-2019-19204\", \"CVE-2020-10663\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-07-03 06:18:33 +0000 (Fri, 03 Jul 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-07-03 06:18:33 +0000 (Fri, 03 Jul 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ruby (EulerOS-SA-2020-1717)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.6\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1717\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1717\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ruby' package(s) announced via the EulerOS-SA-2020-1717 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function fetch_interval_quantifier (formerly known as fetch_range_quantifier) in regparse.c, PFETCH is called without checking PEND. This leads to a heap-based buffer over-read.(CVE-2019-19204)\n\nRuby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the 'command' argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. An attacker can exploit this to call an arbitrary Ruby method.(CVE-2019-16255)\n\nRuby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking within File.fnmatch functions.(CVE-2019-15845)\n\nWEBrick::HTTPAuth::DigestAuth in Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 has a regular expression Denial of Service cause by looping/backtracking. A victim must expose a WEBrick server that uses DigestAuth to the Internet or a untrusted network.(CVE-2019-16201)\n\nThe JSON gem through 2.2.0 for Ruby, as used in Ruby 2.4 through 2.4.9, 2.5 through 2.5.7, and 2.6 through 2.6.5, has an Unsafe Object Creation Vulnerability. This is quite similar to CVE-2013-0269, but does not rely on poor garbage-collection behavior within Ruby. Specifically, use of JSON parsing methods can lead to creation of a malicious object within the interpreter, with adverse effects that are application-dependent.(CVE-2020-10663)\");\n\n script_tag(name:\"affected\", value:\"'ruby' package(s) on Huawei EulerOS Virtualization 3.0.6.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.6.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby\", rpm:\"ruby~2.0.0.648~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-irb\", rpm:\"ruby-irb~2.0.0.648~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ruby-libs\", rpm:\"ruby-libs~2.0.0.648~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-bigdecimal\", rpm:\"rubygem-bigdecimal~1.2.0~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-io-console\", rpm:\"rubygem-io-console~0.4.2~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-json\", rpm:\"rubygem-json~1.7.7~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-psych\", rpm:\"rubygem-psych~2.0.0~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygem-rdoc\", rpm:\"rubygem-rdoc~4.0.0~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"rubygems\", rpm:\"rubygems~2.0.14.1~33.h25\", rls:\"EULEROSVIRT-3.0.6.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "centos": [{"lastseen": "2023-01-01T04:45:01", "description": "**CentOS Errata and Security Advisory** CESA-2013:0611\n\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML\nentity expansion. An attacker could use this flaw to cause a denial of\nservice by tricking a Ruby application using REXML to read text nodes from\nspecially-crafted XML content, which will result in REXML consuming large\namounts of system memory. (CVE-2013-1821)\n\nAll users of Ruby are advised to upgrade to these updated packages, which\ncontain backported patches to resolve this issue.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2013-March/068744.html\nhttps://lists.centos.org/pipermail/centos-announce/2013-March/081433.html\n\n**Affected packages:**\nruby\nruby-devel\nruby-docs\nruby-irb\nruby-libs\nruby-mode\nruby-rdoc\nruby-ri\nruby-tcltk\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2013:0611", "cvss3": {}, "published": "2013-03-08T00:25:53", "type": "centos", "title": "ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2013-1821"], "modified": "2013-03-08T16:41:19", "id": "CESA-2013:0611", "href": "https://lists.centos.org/pipermail/centos-announce/2013-March/068744.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-01-01T04:45:18", "description": "**CentOS Errata and Security Advisory** CESA-2013:0612\n\n\nRuby is an extensible, interpreted, object-oriented, scripting language. It\nhas features to process text files and to do system management tasks.\n\nIt was discovered that Ruby's REXML library did not properly restrict XML\nentity expansion. An attacker could use this flaw to cause a denial of\nservice by tricking a Ruby application using REXML to read text nodes from\nspecially-crafted XML content, which will result in REXML consuming large\namounts of system memory. (CVE-2013-1821)\n\nIt was found that the RHSA-2011:0910 update did not correctly fix the\nCVE-2011-1005 issue, a flaw in the method for translating an exception\nmessage into a string in the Exception class. A remote attacker could use\nthis flaw to bypass safe level 4 restrictions, allowing untrusted (tainted)\ncode to modify arbitrary, trusted (untainted) strings, which safe level 4\nrestrictions would otherwise prevent. (CVE-2012-4481)\n\nThe CVE-2012-4481 issue was discovered by Vit Ondruch of Red Hat.\n\nAll users of Ruby are advised to upgrade to these updated packages, which\ncontain backported patches to resolve these issues.\n\n\n**Merged security bulletin from advisories:**\nhttps://lists.centos.org/pipermail/centos-announce/2013-March/069108.html\n\n**Affected packages:**\nruby\nruby-devel\nruby-docs\nruby-irb\nruby-libs\nruby-rdoc\nruby-ri\nruby-static\nruby-tcltk\n\n**Upstream details at:**\nhttps://access.redhat.com/errata/RHSA-2013:0612", "cvss3": {}, "published": "2013-03-09T00:47:26", "type": "centos", "title": "ruby security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NET

(RHSA-2013:1185) Important: Red Hat JBoss Fuse 6.0.0 patch 2

Description

Related