ID RHSA-2018:3514 Type redhat Reporter RedHat Modified 2018-11-06T20:47:41
Description
Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.
Security Fix(es):
xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
{"id": "RHSA-2018:3514", "hash": "8fdd0c767830602e043837c1d007c9df", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3514) Moderate: xerces-c security update", "description": "Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es):\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-11-06T20:43:00", "modified": "2018-11-06T20:47:41", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://access.redhat.com/errata/RHSA-2018:3514", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2016-4463"], "lastseen": "2019-05-29T14:35:31", "history": [{"bulletin": {"id": "RHSA-2018:3514", "hash": "8359c055dd5449dd816d61a95f0d02b1", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3514) Moderate: xerces-c security update", "description": "Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es):\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-11-06T20:43:00", "modified": "2018-11-06T20:47:41", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2018:3514", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2016-4463"], "lastseen": "2018-11-06T16:38:02", "history": [], "viewCount": 557, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-11-06T16:38:02"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "arch": "i686", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc64", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc64le", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "s390", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "s390x", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "src", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.src.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "x86_64", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "i686", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc64", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc64le", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "s390", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "s390x", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "x86_64", "packageName": "xerces-c-debuginfo", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-debuginfo-3.1.1-8.el7_4.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "i686", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.i686.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.ppc.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc64", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.ppc64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "ppc64le", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.ppc64le.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "s390", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.s390.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "s390x", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.s390x.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "x86_64", "packageName": "xerces-c-devel", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-devel-3.1.1-8.el7_4.1.x86_64.rpm", "operator": "lt"}, {"OS": "RedHat", "OSVersion": "7", "arch": "noarch", "packageName": "xerces-c-doc", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-doc-3.1.1-8.el7_4.1.noarch.rpm", "operator": "lt"}]}, "lastseen": "2018-11-06T16:38:02", "differentElements": ["affectedPackage"], "edition": 1}, {"bulletin": {"id": "RHSA-2018:3514", "hash": "e13b5a35d739a7ca41db46395e233112", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2018:3514) Moderate: xerces-c security update", "description": "Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es):\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2018-11-06T20:43:00", "modified": "2018-11-06T20:47:41", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2018:3514", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2016-4463"], "lastseen": "2018-12-11T21:42:45", "history": [], "viewCount": 557, "enchantments": {"score": {"value": 7.5, "vector": "NONE", "modified": "2018-12-11T21:42:45"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-4463"]}, {"type": "f5", "idList": ["F5:K70191975", "SOL70191975"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105898", "OPENVAS:703610", "OPENVAS:1361412562310703610", "OPENVAS:1361412562310875670", "OPENVAS:1361412562310808571", "OPENVAS:1361412562310808543", "OPENVAS:1361412562310808555", "OPENVAS:1361412562310808566", "OPENVAS:1361412562310808558", "OPENVAS:1361412562310808565"]}, {"type": "nessus", "idList": ["SL_20181030_XERCES_C_ON_SL7_X.NASL", "F5_BIGIP_SOL70191975.NASL", "EULEROS_SA-2018-1395.NASL", "REDHAT-RHSA-2018-3506.NASL", "REDHAT-RHSA-2018-3335.NASL", "DEBIAN_DSA-3610.NASL", "AL2_ALAS-2018-1124.NASL", "CENTOS_RHSA-2018-3335.NASL", "EULEROS_SA-2018-1422.NASL", "DEBIAN_DLA-535.NASL"]}, {"type": "archlinux", "idList": ["ASA-201607-2"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3610-1:14B0F", "DEBIAN:DLA-535-1:80CD0"]}, {"type": "redhat", "idList": ["RHSA-2018:3335", "RHSA-2018:3506"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3335"]}, {"type": "centos", "idList": ["CESA-2018:3335"]}, {"type": "freebsd", "idList": ["CB09A7AA-5344-11E6-A7BD-14DAE9D210B8"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018-4258247"]}], "modified": "2018-12-11T21:42:45"}}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "arch": "i686", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.i686.rpm", "operator": "lt"}]}, "lastseen": "2018-12-11T21:42:45", "differentElements": ["cvss"], "edition": 2}], "viewCount": 557, "enchantments": {"score": {"value": 4.8, "vector": "NONE", "modified": "2019-05-29T14:35:31"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-4463"]}, {"type": "f5", "idList": ["SOL70191975", "F5:K70191975"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310105898", "OPENVAS:703610", "OPENVAS:1361412562310703610", "OPENVAS:1361412562310808571", "OPENVAS:1361412562310875670", "OPENVAS:1361412562310808555", "OPENVAS:1361412562310808543", "OPENVAS:1361412562310808566", "OPENVAS:1361412562310808558", "OPENVAS:1361412562310808565"]}, {"type": "nessus", "idList": ["F5_BIGIP_SOL70191975.NASL", "REDHAT-RHSA-2018-3506.NASL", "SL_20181030_XERCES_C_ON_SL7_X.NASL", "EULEROS_SA-2018-1395.NASL", "EULEROS_SA-2018-1422.NASL", "DEBIAN_DLA-535.NASL", "CENTOS_RHSA-2018-3335.NASL", "REDHAT-RHSA-2018-3514.NASL", "ORACLELINUX_ELSA-2018-3335.NASL", "AL2_ALAS-2018-1124.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-3610-1:14B0F", "DEBIAN:DLA-535-1:80CD0"]}, {"type": "archlinux", "idList": ["ASA-201607-2"]}, {"type": "redhat", "idList": ["RHSA-2018:3335", "RHSA-2018:3506"]}, {"type": "centos", "idList": ["CESA-2018:3335"]}, {"type": "oraclelinux", "idList": ["ELSA-2018-3335"]}, {"type": "freebsd", "idList": ["CB09A7AA-5344-11E6-A7BD-14DAE9D210B8"]}, {"type": "oracle", "idList": ["ORACLE:CPUJUL2018-4258247"]}], "modified": "2019-05-29T14:35:31"}, "vulnersScore": 4.8}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "7", "arch": "i686", "packageName": "xerces-c", "packageVersion": "3.1.1-8.el7_4.1", "packageFilename": "xerces-c-3.1.1-8.el7_4.1.i686.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2019-05-29T18:15:36", "bulletinFamily": "NVD", "description": "Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.", "modified": "2018-11-07T11:29:00", "id": "CVE-2016-4463", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-4463", "published": "2016-07-08T19:59:00", "title": "CVE-2016-4463", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "f5": [{"lastseen": "2017-06-08T06:18:13", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 612393 (BIG-IP), ID 599815 (Enterprise Manager), and ID 595939 (ARX) to this vulnerability. Additionally, [BIG-IP iHealth](<http://www.f5.com/support/support-tools/big-ip-ihealth/>) may list Heuristic H615876 on the **Diagnostics** > **Identified** > **Medium** screen.\n\nTo determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases or hotfixes that address the vulnerability, refer to the following table:\n\nProduct| Versions known to be vulnerable| Versions known to be not vulnerable| Severity| Vulnerable component or feature \n---|---|---|---|--- \nBIG-IP LTM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP AAM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP AFM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP Analytics| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1| Not vulnerable| None \nBIG-IP APM| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| 11.2.1 \n10.2.1 - 10.2.4| Medium| **PolicySync** and the **samlidpd** daemon \nBIG-IP ASM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP DNS| None| 12.0.0 - 12.1.1| Not vulnerable| None \nBIG-IP Edge Gateway| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP GTM| None| 11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP Link Controller| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1 \n11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP PEM| None| 12.0.0 - 12.1.1 \n11.4.0 - 11.6.1| Not vulnerable| None \nBIG-IP PSM| None| 11.4.0 - 11.4.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebAccelerator| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WOM| None| 11.2.1 \n10.2.1 - 10.2.4| Not vulnerable| None \nBIG-IP WebSafe| None| 12.0.0 - 12.1.1 \n11.6.0 - 11.6.1| Not Vulnerable| None \nARX| 6.2.0 - 6.4.0| None| Low| XML parser \nEnterprise Manager| 3.1.1| None| Medium| EM daemons \nFirePass| None| 7.0.0| Not vulnerable| None \nBIG-IQ Cloud| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Device| None| 4.2.0 - 4.5.0| Not vulnerable| None \nBIG-IQ Security| None| 4.0.0 - 4.5.0| Not vulnerable| None \nBIG-IQ ADC| None| 4.5.0| Not vulnerable| None \nBIG-IQ Centralized Management| None| 5.0.0 \n4.6.0| Not vulnerable| None \nBIG-IQ Cloud and Orchestration| None| 1.0.0| Not vulnerable| None \nF5 iWorkflow| None| 2.0.0| Not vulnerable| None \nLineRate| None| 2.5.0 - 2.6.1| Not vulnerable| None \nTraffix SDC| None| 5.0.0 \n4.0.0 - 4.4.0| Not vulnerable| None\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to [K21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems](<https://support.f5.com/csp/article/K21232150>).\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products only over a secure network and limit shell access to only trusted users. For more information, refer to [K13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x)](<https://support.f5.com/csp/article/K13309>) and [K13092: Overview of securing access to the BIG-IP system](<https://support.f5.com/csp/article/K13092>).\n\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 12.x)](<https://support.f5.com/csp/article/K13123>)\n * [K9502: BIG-IP hotfix matrix](<https://support.f5.com/csp/article/K9502>)\n", "modified": "2017-03-14T22:30:00", "published": "2016-09-15T21:28:00", "href": "https://support.f5.com/csp/article/K70191975", "id": "F5:K70191975", "title": "Apache Xerces vulnerability CVE-2016-4463", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2016-09-26T17:23:17", "bulletinFamily": "software", "description": "Vulnerability Recommended Actions\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Versions known to be not vulnerable** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nTo determine the necessary upgrade path for your BIG-IQ system, you should understand the BIG-IQ product offering name changes. For more information, refer to SOL21232150: Considerations for upgrading BIG-IQ or F5 iWorkflow systems.\n\nMitigation\n\nTo mitigate this vulnerability, you should permit management access to F5 products only over a secure network and limit shell access to only trusted users. For more information, refer to SOL13309: Restricting access to the Configuration utility by source IP address (11.x - 12.x) and SOL13092: Overview of securing access to the BIG-IP system.\n\nSupplemental Information\n\n * SOL9970: Subscribing to email notifications regarding F5 products\n * SOL9957: Creating a custom RSS feed to view new and updated documents\n * SOL4602: Overview of the F5 security vulnerability response policy\n * SOL4918: Overview of the F5 critical issue hotfix policy\n * SOL167: Downloading software and firmware from F5\n * SOL13123: Managing BIG-IP product hotfixes (11.x - 12.x)\n * SOL9502: BIG-IP hotfix matrix\n", "modified": "2016-09-15T00:00:00", "published": "2016-09-15T00:00:00", "id": "SOL70191975", "href": "http://support.f5.com/kb/en-us/solutions/public/k/70/sol70191975.html", "type": "f5", "title": "SOL70191975 - Apache Xerces vulnerability CVE-2016-4463", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2019-05-29T18:35:06", "bulletinFamily": "scanner", "description": "Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.", "modified": "2018-10-24T00:00:00", "published": "2016-09-22T00:00:00", "id": "OPENVAS:1361412562310105898", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310105898", "title": "F5 BIG-IP - SOL70191975 - Apache Xerces vulnerability CVE-2016-4463", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_f5_big_ip_sol70191975.nasl 12051 2018-10-24 09:14:54Z asteins $\n#\n# F5 BIG-IP - SOL70191975 - Apache Xerces vulnerability CVE-2016-4463\n#\n# Authors:\n# Michael Meyer <michael.meyer@greenbone.net>\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/h:f5:big-ip\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.105898\");\n script_cve_id(\"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_version(\"$Revision: 12051 $\");\n\n script_name(\"F5 BIG-IP - SOL70191975 - Apache Xerces vulnerability CVE-2016-4463\");\n\n script_xref(name:\"URL\", value:\"https://support.f5.com/kb/en-us/solutions/public/k/70/sol70191975.html\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_tag(name:\"solution\", value:\"See the referenced vendor advisory for a solution.\");\n script_tag(name:\"summary\", value:\"Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-24 11:14:54 +0200 (Wed, 24 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2016-09-22 13:01:18 +0200 (Thu, 22 Sep 2016)\");\n script_category(ACT_GATHER_INFO);\n script_family(\"F5 Local Security Checks\");\n script_copyright(\"This script is Copyright (C) 2016 Greenbone Networks GmbH\");\n script_dependencies(\"gb_f5_big_ip_version.nasl\");\n script_require_ports(\"Services/ssh\", 22);\n script_mandatory_keys(\"f5/big_ip/version\", \"f5/big_ip/active_modules\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"f5.inc\");\n\nif( ! version = get_app_version( cpe:CPE ) ) exit( 0 );\n\ncheck_f5['APM'] = make_array( 'affected', '12.0.0-12.1.1;11.4.0-11.6.1;',\n 'unaffected', '11.2.1;10.2.1-10.2.4;');\n\nif( report = is_f5_vulnerable( ca:check_f5, version:version ) )\n{\n security_message( port:0, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2017-07-24T12:54:54", "bulletinFamily": "scanner", "description": "Brandon Perry discovered that xerces-c,\na validating XML parser library for C++, fails to successfully parse a DTD that is\ndeeply nested, causing a stack overflow. A remote unauthenticated attacker can take\nadvantage of this flaw to cause a denial of service against applications\nusing the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications\nto fully disable DTD processing through the use of an environment\nvariable (XERCES_DISABLE_DTD).", "modified": "2017-07-07T00:00:00", "published": "2016-06-29T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703610", "id": "OPENVAS:703610", "title": "Debian Security Advisory DSA 3610-1 (xerces-c - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3610.nasl 6608 2017-07-07 12:05:05Z cfischer $\n# Auto-generated from advisory DSA 3610-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703610);\n script_version(\"$Revision: 6608 $\");\n script_cve_id(\"CVE-2016-4463\");\n script_name(\"Debian Security Advisory DSA 3610-1 (xerces-c - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:05 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2016-06-29 00:00:00 +0200 (Wed, 29 Jun 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2016/dsa-3610.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"xerces-c on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (jessie),\nthis problem has been fixed in version 3.1.1-5.1+deb8u3.\n\nWe recommend that you upgrade your xerces-c packages.\");\n script_tag(name: \"summary\", value: \"Brandon Perry discovered that xerces-c,\na validating XML parser library for C++, fails to successfully parse a DTD that is\ndeeply nested, causing a stack overflow. A remote unauthenticated attacker can take\nadvantage of this flaw to cause a denial of service against applications\nusing the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications\nto fully disable DTD processing through the use of an environment\nvariable (XERCES_DISABLE_DTD).\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxerces-c-dev\", ver:\"3.1.1-5.1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c-doc\", ver:\"3.1.1-5.1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c-samples\", ver:\"3.1.1-5.1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c3.1:amd64\", ver:\"3.1.1-5.1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c3.1:i386\", ver:\"3.1.1-5.1+deb8u3\", rls_regex:\"DEB8.[0-9]+\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-05-29T18:35:39", "bulletinFamily": "scanner", "description": "Brandon Perry discovered that xerces-c,\na validating XML parser library for C++, fails to successfully parse a DTD that is\ndeeply nested, causing a stack overflow. A remote unauthenticated attacker can take\nadvantage of this flaw to cause a denial of service against applications\nusing the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications\nto fully disable DTD processing through the use of an environment\nvariable (XERCES_DISABLE_DTD).", "modified": "2019-03-18T00:00:00", "published": "2016-06-29T00:00:00", "id": "OPENVAS:1361412562310703610", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703610", "title": "Debian Security Advisory DSA 3610-1 (xerces-c - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3610.nasl 14275 2019-03-18 14:39:45Z cfischer $\n# Auto-generated from advisory DSA 3610-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703610\");\n script_version(\"$Revision: 14275 $\");\n script_cve_id(\"CVE-2016-4463\");\n script_name(\"Debian Security Advisory DSA 3610-1 (xerces-c - security update)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-18 15:39:45 +0100 (Mon, 18 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-06-29 00:00:00 +0200 (Wed, 29 Jun 2016)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n script_xref(name:\"URL\", value:\"http://www.debian.org/security/2016/dsa-3610.html\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2016 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB8\");\n script_tag(name:\"affected\", value:\"xerces-c on Debian Linux\");\n script_tag(name:\"solution\", value:\"For the stable distribution (jessie),\nthis problem has been fixed in version 3.1.1-5.1+deb8u3.\n\nWe recommend that you upgrade your xerces-c packages.\");\n script_tag(name:\"summary\", value:\"Brandon Perry discovered that xerces-c,\na validating XML parser library for C++, fails to successfully parse a DTD that is\ndeeply nested, causing a stack overflow. A remote unauthenticated attacker can take\nadvantage of this flaw to cause a denial of service against applications\nusing the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications\nto fully disable DTD processing through the use of an environment\nvariable (XERCES_DISABLE_DTD).\");\n script_tag(name:\"vuldetect\", value:\"This check tests the installed software\nversion using the apt package manager.\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = isdpkgvuln(pkg:\"libxerces-c-dev\", ver:\"3.1.1-5.1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxerces-c-doc\", ver:\"3.1.1-5.1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxerces-c-samples\", ver:\"3.1.1-5.1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxerces-c3.1:amd64\", ver:\"3.1.1-5.1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\nif((res = isdpkgvuln(pkg:\"libxerces-c3.1:i386\", ver:\"3.1.1-5.1+deb8u3\", rls:\"DEB8\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:35:35", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808555", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808555", "title": "Fedora Update for xerces-c FEDORA-2016-9284772686", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xerces-c FEDORA-2016-9284772686\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808555\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:20:48 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-2099\", \"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xerces-c FEDORA-2016-9284772686\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xerces-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xerces-c on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-9284772686\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BIVYOHGQPFOEDO524DOQVWNCBG4KBGNC\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.4~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:36", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808543", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808543", "title": "Fedora Update for xerces-c FEDORA-2016-84373c5f4f", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xerces-c FEDORA-2016-84373c5f4f\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808543\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:20:30 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-2099\", \"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xerces-c FEDORA-2016-84373c5f4f\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xerces-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xerces-c on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-84373c5f4f\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/57LTFBRV4MN2OEKGJBA5ONF5XQ7MGTUP\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.4~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:32:13", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-05-14T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875670", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875670", "title": "Fedora Update for xerces-c27 FEDORA-2018-51ce232320", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875670\");\n script_version(\"2019-05-14T05:04:40+0000\");\n script_cve_id(\"CVE-2016-4463\", \"CVE-2017-12627\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-14 05:04:40 +0000 (Tue, 14 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:15:16 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for xerces-c27 FEDORA-2018-51ce232320\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2018-51ce232320\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMCXOMXMDGI3E4QPKT555STPNMAXVYFN\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xerces-c27'\n package(s) announced via the FEDORA-2018-51ce232320 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Xerces-C is a validating XML parser written in a portable subset of C++.\nXerces-C makes it easy to give your application the ability to read and write\nXML data. A shared library is provided for parsing, generating, manipulating,\nand validating XML documents. Xerces-C is faithful to the XML 1.0\nrecommendation and associated standards ( DOM 1.0, DOM 2.0. SAX 1.0, SAX 2.0,\nNamespaces).\n\nNote that this package contains Xerces-C++ 2.7.0 for compatibility with\napplications that cannot use a newer version.\");\n\n script_tag(name:\"affected\", value:\"'xerces-c27' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"xerces-c27\", rpm:\"xerces-c27~2.7.0~28.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-05-29T18:34:57", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808571", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808571", "title": "Fedora Update for xerces-c FEDORA-2016-d2d6890690", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xerces-c FEDORA-2016-d2d6890690\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808571\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:19:06 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-2099\", \"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xerces-c FEDORA-2016-d2d6890690\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'xerces-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"xerces-c on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-d2d6890690\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PEIB4NAZYSVOCDTN3VCURZ6DRVSKXP27\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.4~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808566", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808566", "title": "Fedora Update for mingw-xerces-c FEDORA-2016-0a061f6dd9", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-xerces-c FEDORA-2016-0a061f6dd9\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808566\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:20:17 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-0729\", \"CVE-2016-2099\", \"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-xerces-c FEDORA-2016-0a061f6dd9\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-xerces-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-xerces-c on Fedora 24\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-0a061f6dd9\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LRX65TCRFROBPR3OYEILI5CB6OMJABZL\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC24\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC24\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-xerces-c\", rpm:\"mingw-xerces-c~3.1.4~1.fc24\", rls:\"FC24\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:40", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808565", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808565", "title": "Fedora Update for mingw-xerces-c FEDORA-2016-7615febbd6", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-xerces-c FEDORA-2016-7615febbd6\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808565\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:19:02 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-0729\", \"CVE-2016-2099\", \"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-xerces-c FEDORA-2016-7615febbd6\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-xerces-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-xerces-c on Fedora 22\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-7615febbd6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JPSRUGAJXTCWBLCD3TJRTQRA5ZBZJW4O\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC22\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-xerces-c\", rpm:\"mingw-xerces-c~3.1.4~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2019-05-29T18:35:04", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-03-15T00:00:00", "published": "2016-07-10T00:00:00", "id": "OPENVAS:1361412562310808558", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310808558", "title": "Fedora Update for mingw-xerces-c FEDORA-2016-87e8468465", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-xerces-c FEDORA-2016-87e8468465\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2016 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.808558\");\n script_version(\"$Revision: 14223 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 14:49:35 +0100 (Fri, 15 Mar 2019) $\");\n script_tag(name:\"creation_date\", value:\"2016-07-10 07:19:22 +0200 (Sun, 10 Jul 2016)\");\n script_cve_id(\"CVE-2016-0729\", \"CVE-2016-2099\", \"CVE-2016-4463\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-xerces-c FEDORA-2016-87e8468465\");\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'mingw-xerces-c'\n package(s) announced via the referenced advisory.\");\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n script_tag(name:\"affected\", value:\"mingw-xerces-c on Fedora 23\");\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n script_xref(name:\"FEDORA\", value:\"2016-87e8468465\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6ZA4FNRNKV2VO5X7KEEHWLPUGDPNEVKG\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2016 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC23\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\n\nif(release == \"FC23\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-xerces-c\", rpm:\"mingw-xerces-c~3.1.4~1.fc23\", rls:\"FC23\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99);\n exit(0);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:47", "bulletinFamily": "unix", "description": "The Xerces-C XML parser fails to successfully parse a DTD that is\ndeeply nested, and this causes a stack overflow, which makes a denial\nof service attack against many applications possible by an\nunauthenticated attacker.", "modified": "2016-07-05T00:00:00", "published": "2016-07-05T00:00:00", "id": "ASA-201607-2", "href": "https://lists.archlinux.org/pipermail/arch-security/2016-July/000662.html", "title": "xerces-c: denial of service", "type": "archlinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2019-05-29T14:34:33", "bulletinFamily": "unix", "description": "Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es):\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "modified": "2018-10-30T09:21:55", "published": "2018-10-30T08:44:38", "id": "RHSA-2018:3335", "href": "https://access.redhat.com/errata/RHSA-2018:3335", "type": "redhat", "title": "(RHSA-2018:3335) Moderate: xerces-c security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T14:34:00", "bulletinFamily": "unix", "description": "Xerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es):\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-11-06T20:02:19", "published": "2018-11-06T19:46:34", "id": "RHSA-2018:3506", "href": "https://access.redhat.com/errata/RHSA-2018:3506", "type": "redhat", "title": "(RHSA-2018:3506) Moderate: xerces-c security update", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "debian": [{"lastseen": "2019-05-30T02:22:28", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3610-1 security@debian.org\nhttps://www.debian.org/security/ Salvatore Bonaccorso\nJune 29, 2016 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : xerces-c\nCVE ID : CVE-2016-4463\nDebian Bug : 828990\n\nBrandon Perry discovered that xerces-c, a validating XML parser library\nfor C++, fails to successfully parse a DTD that is deeply nested,\ncausing a stack overflow. A remote unauthenticated attacker can take\nadvantage of this flaw to cause a denial of service against applications\nusing the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications\nto fully disable DTD processing through the use of an environment\nvariable (XERCES_DISABLE_DTD).\n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 3.1.1-5.1+deb8u3.\n\nWe recommend that you upgrade your xerces-c packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2016-06-29T20:19:18", "published": "2016-06-29T20:19:18", "id": "DEBIAN:DSA-3610-1:14B0F", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2016/msg00188.html", "title": "[SECURITY] [DSA 3610-1] xerces-c security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-30T02:21:32", "bulletinFamily": "unix", "description": "Package : xerces-c\nVersion : 3.1.1-3+deb7u4\nCVE ID : CVE-2016-4463\nDebian Bug : 828990\n\nBrandon Perry discovered that xerces-c, a validating XML parser library\nfor C++, fails to successfully parse a DTD that is deeply nested,\ncausing a stack overflow. A remote unauthenticated attacker can take\nadvantage of this flaw to cause a denial of service against applications\nusing the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications\nto fully disable DTD processing through the use of an environment\nvariable (XERCES_DISABLE_DTD).\n\nFor Debian 7 "Wheezy", these problems have been fixed in version\n3.1.1-3+deb7u4.\n\nWe recommend that you upgrade your xerces-c packages.\n\nFurther information about Debian LTS security advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://wiki.debian.org/LTS\n", "modified": "2016-06-29T20:28:13", "published": "2016-06-29T20:28:13", "id": "DEBIAN:DLA-535-1:80CD0", "href": "https://lists.debian.org/debian-lts-announce/2016/debian-lts-announce-201606/msg00035.html", "title": "[SECURITY] [DLA 535-1] xerces-c security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "nessus": [{"lastseen": "2019-02-21T01:43:53", "bulletinFamily": "scanner", "description": "An update for xerces-c is now available for Red Hat Enterprise Linux 7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2018-3506.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118791", "published": "2018-11-07T00:00:00", "title": "RHEL 7 : xerces-c (RHSA-2018:3506)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3506. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118791);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2016-4463\");\n script_xref(name:\"RHSA\", value:\"2018:3506\");\n\n script_name(english:\"RHEL 7 : xerces-c (RHSA-2018:3506)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for xerces-c is now available for Red Hat Enterprise Linux\n7.5 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++. Xerces-C makes it easy to give your application the ability to\nread and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD\n(CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:3506\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4463\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7\\.5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.5\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3506\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"xerces-c-3.1.1-8.el7_5.1\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"xerces-c-debuginfo-3.1.1-8.el7_5.1\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"xerces-c-devel-3.1.1-8.el7_5.1\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"5\", reference:\"xerces-c-doc-3.1.1-8.el7_5.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c / xerces-c-debuginfo / xerces-c-devel / xerces-c-doc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:44:27", "bulletinFamily": "scanner", "description": "According to the version of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-10T00:00:00", "id": "EULEROS_SA-2018-1395.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119523", "published": "2018-12-10T00:00:00", "title": "EulerOS 2.0 SP3 : xerces-c (EulerOS-SA-2018-1395)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119523);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/12/10 9:27:37\");\n\n script_cve_id(\n \"CVE-2016-4463\"\n );\n\n script_name(english:\"EulerOS 2.0 SP3 : xerces-c (EulerOS-SA-2018-1395)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the xerces-c package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - xerces-c: Stack overflow when parsing deeply nested DTD\n (CVE-2016-4463)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huawei.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1395\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?cb9fb784\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected xerces-c package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(3)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP3\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"xerces-c-3.1.1-9.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"3\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:44:15", "bulletinFamily": "scanner", "description": "Security Fix(es) :\n\n - xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)", "modified": "2018-12-27T00:00:00", "id": "SL_20181030_XERCES_C_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119203", "published": "2018-11-27T00:00:00", "title": "Scientific Linux Security Update : xerces-c on SL7.x x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119203);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/12/27 10:05:37\");\n\n script_cve_id(\"CVE-2016-4463\");\n\n script_name(english:\"Scientific Linux Security Update : xerces-c on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security Fix(es) :\n\n - xerces-c: Stack overflow when parsing deeply nested DTD\n (CVE-2016-4463)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1811&L=scientific-linux-errata&F=&S=&P=12055\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?7856056f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/10/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xerces-c-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xerces-c-debuginfo-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xerces-c-devel-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"xerces-c-doc-3.1.1-9.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:27:57", "bulletinFamily": "scanner", "description": "Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows context-dependent attackers to cause a denial of service via a deeply nested DTD.(CVE-2016-4463)", "modified": "2019-01-04T00:00:00", "id": "F5_BIGIP_SOL70191975.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=93550", "published": "2016-09-16T00:00:00", "title": "F5 Networks BIG-IP : Apache Xerces vulnerability (K70191975)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from F5 Networks BIG-IP Solution K70191975.\n#\n# The text description of this plugin is (C) F5 Networks.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(93550);\n script_version(\"2.10\");\n script_cvs_date(\"Date: 2019/01/04 10:03:40\");\n\n script_cve_id(\"CVE-2016-4463\");\n\n script_name(english:\"F5 Networks BIG-IP : Apache Xerces vulnerability (K70191975)\");\n script_summary(english:\"Checks the BIG-IP version.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote device is missing a vendor-supplied security patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Stack-based buffer overflow in Apache Xerces-C++ before 3.1.4 allows\ncontext-dependent attackers to cause a denial of service via a deeply\nnested DTD.(CVE-2016-4463)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://support.f5.com/csp/article/K70191975\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade to one of the non-vulnerable versions listed in the F5\nSolution K70191975.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:f5:big-ip_access_policy_manager\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/h:f5:big-ip\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/09/15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/09/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"F5 Networks Local Security Checks\");\n\n script_dependencies(\"f5_bigip_detect.nbin\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/BIG-IP/hotfix\", \"Host/BIG-IP/modules\", \"Host/BIG-IP/version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude(\"f5_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nversion = get_kb_item(\"Host/BIG-IP/version\");\nif ( ! version ) audit(AUDIT_OS_NOT, \"F5 Networks BIG-IP\");\nif ( isnull(get_kb_item(\"Host/BIG-IP/hotfix\")) ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/hotfix\");\nif ( ! get_kb_item(\"Host/BIG-IP/modules\") ) audit(AUDIT_KB_MISSING, \"Host/BIG-IP/modules\");\n\nsol = \"K70191975\";\nvmatrix = make_array();\n\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# APM\nvmatrix[\"APM\"] = make_array();\nvmatrix[\"APM\"][\"affected\" ] = make_list(\"12.0.0-12.1.1\",\"11.4.0-11.6.1\");\nvmatrix[\"APM\"][\"unaffected\"] = make_list(\"11.2.1\",\"10.2.1-10.2.4\");\n\n\nif (bigip_is_affected(vmatrix:vmatrix, sol:sol))\n{\n if (report_verbosity > 0) security_warning(port:0, extra:bigip_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = bigip_get_tested_modules();\n audit_extra = \"For BIG-IP module(s) \" + tested + \",\";\n if (tested) audit(AUDIT_INST_VER_NOT_VULN, audit_extra, version);\n else audit(AUDIT_HOST_NOT, \"running the affected module APM\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:53", "bulletinFamily": "scanner", "description": "An update for xerces-c is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2018-3514.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118793", "published": "2018-11-07T00:00:00", "title": "RHEL 7 : xerces-c (RHSA-2018:3514)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3514. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118793);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2018/11/10 11:49:58\");\n\n script_cve_id(\"CVE-2016-4463\");\n script_xref(name:\"RHSA\", value:\"2018:3514\");\n\n script_name(english:\"RHEL 7 : xerces-c (RHSA-2018:3514)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for xerces-c is now available for Red Hat Enterprise Linux\n7.4 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++. Xerces-C makes it easy to give your application the ability to\nread and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD\n(CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2018:3514\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2016-4463\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7\\.4([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.4\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2018:3514\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"xerces-c-3.1.1-8.el7_4.1\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"xerces-c-debuginfo-3.1.1-8.el7_4.1\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"xerces-c-devel-3.1.1-8.el7_4.1\")) flag++;\n if (rpm_check(release:\"RHEL7\", sp:\"4\", reference:\"xerces-c-doc-3.1.1-8.el7_4.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c / xerces-c-debuginfo / xerces-c-devel / xerces-c-doc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:27:18", "bulletinFamily": "scanner", "description": "Brandon Perry discovered that xerces-c, a validating XML parser library for C++, fails to successfully parse a DTD that is deeply nested, causing a stack overflow. A remote unauthenticated attacker can take advantage of this flaw to cause a denial of service against applications using the xerces-c library.\n\nAdditionally this update includes an enhancement to enable applications to fully disable DTD processing through the use of an environment variable (XERCES_DISABLE_DTD).\n\nFor Debian 7 'Wheezy', these problems have been fixed in version 3.1.1-3+deb7u4.\n\nWe recommend that you upgrade your xerces-c packages.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-09T00:00:00", "id": "DEBIAN_DLA-535.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=91902", "published": "2016-07-01T00:00:00", "title": "Debian DLA-535-1 : xerces-c security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-535-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(91902);\n script_version(\"2.7\");\n script_cvs_date(\"Date: 2018/07/09 12:26:57\");\n\n script_cve_id(\"CVE-2016-4463\");\n\n script_name(english:\"Debian DLA-535-1 : xerces-c security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Brandon Perry discovered that xerces-c, a validating XML parser\nlibrary for C++, fails to successfully parse a DTD that is deeply\nnested, causing a stack overflow. A remote unauthenticated attacker\ncan take advantage of this flaw to cause a denial of service against\napplications using the xerces-c library.\n\nAdditionally this update includes an enhancement to enable\napplications to fully disable DTD processing through the use of an\nenvironment variable (XERCES_DISABLE_DTD).\n\nFor Debian 7 'Wheezy', these problems have been fixed in version\n3.1.1-3+deb7u4.\n\nWe recommend that you upgrade your xerces-c packages.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2016/06/msg00035.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/wheezy/xerces-c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c-samples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:7.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2016/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2016/07/01\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2016-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"7.0\", prefix:\"libxerces-c-dev\", reference:\"3.1.1-3+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxerces-c-doc\", reference:\"3.1.1-3+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxerces-c-samples\", reference:\"3.1.1-3+deb7u4\")) flag++;\nif (deb_check(release:\"7.0\", prefix:\"libxerces-c3.1\", reference:\"3.1.1-3+deb7u4\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:44:50", "bulletinFamily": "scanner", "description": "According to the version of the xerces-c package installed, the EulerOS installation on the remote host is affected by the following vulnerability :\n\n - xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-12-28T00:00:00", "id": "EULEROS_SA-2018-1422.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119911", "published": "2018-12-28T00:00:00", "title": "EulerOS 2.0 SP2 : xerces-c (EulerOS-SA-2018-1422)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119911);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/12/28 10:10:33\");\n\n script_cve_id(\n \"CVE-2016-4463\"\n );\n\n script_name(english:\"EulerOS 2.0 SP2 : xerces-c (EulerOS-SA-2018-1422)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the xerces-c package installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerability :\n\n - xerces-c: Stack overflow when parsing deeply nested DTD\n (CVE-2016-4463)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huawei.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2018-1422\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?152d153f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected xerces-c package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/28\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(2)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP2\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\n\nflag = 0;\n\npkgs = [\"xerces-c-3.1.1-9.h1\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"2\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:44:05", "bulletinFamily": "scanner", "description": "An update for xerces-c is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "modified": "2018-11-16T00:00:00", "id": "CENTOS_RHSA-2018-3335.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119005", "published": "2018-11-16T00:00:00", "title": "CentOS 7 : xerces-c (CESA-2018:3335)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2018:3335 and \n# CentOS Errata and Security Advisory 2018:3335 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119005);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/11/16 15:19:24\");\n\n script_cve_id(\"CVE-2016-4463\");\n script_xref(name:\"RHSA\", value:\"2018:3335\");\n\n script_name(english:\"CentOS 7 : xerces-c (CESA-2018:3335)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for xerces-c is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++. Xerces-C makes it easy to give your application the ability to\nread and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD\n(CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\"\n );\n # https://lists.centos.org/pipermail/centos-cr-announce/2018-November/005710.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8cfad5b9\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xerces-c packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xerces-c-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xerces-c-devel-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xerces-c-doc-3.1.1-9.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:43:53", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2018:3335 :\n\nAn update for xerces-c is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.", "modified": "2018-11-07T00:00:00", "id": "ORACLELINUX_ELSA-2018-3335.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=118784", "published": "2018-11-07T00:00:00", "title": "Oracle Linux 7 : xerces-c (ELSA-2018-3335)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2018:3335 and \n# Oracle Linux Security Advisory ELSA-2018-3335 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(118784);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/11/07 11:02:18\");\n\n script_cve_id(\"CVE-2016-4463\");\n script_xref(name:\"RHSA\", value:\"2018:3335\");\n\n script_name(english:\"Oracle Linux 7 : xerces-c (ELSA-2018-3335)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2018:3335 :\n\nAn update for xerces-c is now available for Red Hat Enterprise Linux\n7.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Moderate. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++. Xerces-C makes it easy to give your application the ability to\nread and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents.\n\nSecurity Fix(es) :\n\n* xerces-c: Stack overflow when parsing deeply nested DTD\n(CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, and other related information, refer to the CVE page(s)\nlisted in the References section.\n\nAdditional Changes :\n\nFor detailed information on changes in this release, see the Red Hat\nEnterprise Linux 7.6 Release Notes linked from the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2018-November/008207.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xerces-c packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/11/07\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xerces-c-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xerces-c-devel-3.1.1-9.el7\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xerces-c-doc-3.1.1-9.el7\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c / xerces-c-devel / xerces-c-doc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:44:25", "bulletinFamily": "scanner", "description": "A stack exhaustion flaw was found in the way Xerces-C XML parser handled deeply nested DTDs. An attacker could potentially use this flaw to crash an application using Xerces-C by tricking it into processing specially crafted data.(CVE-2016-4463)", "modified": "2018-12-10T00:00:00", "id": "AL2_ALAS-2018-1124.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=119507", "published": "2018-12-10T00:00:00", "title": "Amazon Linux 2 : xerces-c (ALAS-2018-1124)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2018-1124.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(119507);\n script_version(\"1.1\");\n script_cvs_date(\"Date: 2018/12/10 9:27:37\");\n\n script_cve_id(\"CVE-2016-4463\");\n script_xref(name:\"ALAS\", value:\"2018-1124\");\n\n script_name(english:\"Amazon Linux 2 : xerces-c (ALAS-2018-1124)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux 2 host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A stack exhaustion flaw was found in the way Xerces-C XML parser\nhandled deeply nested DTDs. An attacker could potentially use this\nflaw to crash an application using Xerces-C by tricking it into\nprocessing specially crafted data.(CVE-2016-4463)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/AL2/ALAS-2018-1124.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update xerces-c' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:xerces-c-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2018/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2018/12/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"AL2\", reference:\"xerces-c-3.1.1-9.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"xerces-c-debuginfo-3.1.1-9.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"xerces-c-devel-3.1.1-9.amzn2\")) flag++;\nif (rpm_check(release:\"AL2\", reference:\"xerces-c-doc-3.1.1-9.amzn2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c / xerces-c-debuginfo / xerces-c-devel / xerces-c-doc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-05-29T18:35:46", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2018:3335\n\n\nXerces-C is a validating XML parser written in a portable subset of C++. Xerces-C makes it easy to give your application the ability to read and write XML data. A shared library is provided for parsing, generating, manipulating, and validating XML documents.\n\nSecurity Fix(es):\n\n* xerces-c: Stack overflow when parsing deeply nested DTD (CVE-2016-4463)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 7.6 Release Notes linked from the References section.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-cr-announce/2018-November/005710.html\n\n**Affected packages:**\nxerces-c\nxerces-c-devel\nxerces-c-doc\n\n**Upstream details at:**\n", "modified": "2018-11-15T18:53:50", "published": "2018-11-15T18:53:50", "id": "CESA-2018:3335", "href": "http://lists.centos.org/pipermail/centos-cr-announce/2018-November/005710.html", "title": "xerces security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:39:21", "bulletinFamily": "unix", "description": "[3.1.1-9]\n- Fix CVE-2016-4463\n- Resolves: #1534481", "modified": "2018-11-05T00:00:00", "published": "2018-11-05T00:00:00", "id": "ELSA-2018-3335", "href": "http://linux.oracle.com/errata/ELSA-2018-3335.html", "title": "xerces-c security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "freebsd": [{"lastseen": "2019-05-29T18:32:37", "bulletinFamily": "unix", "description": "\nApache reports:\n\nThe Xerces-C XML parser fails to successfully parse a\n\t DTD that is deeply nested, and this causes a stack overflow, which\n\t makes a denial of service attack against many applications possible\n\t by an unauthenticated attacker.\nAlso, CVE-2016-2099: Use-after-free vulnerability in\n\t validators/DTD/DTDScanner.cpp in Apache Xerces C++ 3.1.3 and earlier\n\t allows context-dependent attackers to have unspecified impact via an\n\t invalid character in an XML document.\n\n", "modified": "2016-05-09T00:00:00", "published": "2016-05-09T00:00:00", "id": "CB09A7AA-5344-11E6-A7BD-14DAE9D210B8", "href": "https://vuxml.freebsd.org/freebsd/cb09a7aa-5344-11e6-a7bd-14dae9d210b8.html", "title": "xercesi-c3 -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "oracle": [{"lastseen": "2019-05-29T18:20:50", "bulletinFamily": "software", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to: \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<http://www.oracle.com/securityalerts>) for information about Oracle Security Advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 334 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ July 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2420273.1>).\n\nMany industry experts anticipate that exploits leveraging known flaws in modern processor designs will continue to be disclosed for the foreseeable future (i.e., \"Spectre\" variants). For information related to these issues, please refer to:\n\n * the January 2018 Critical Patch Update (and later) Advisories,\n * the \"Addendum to the January 2018 Critical Patch Update Advisory for Spectre (CVE-2017-5715, CVE-2017-5753) and Meltdown (CVE-2017-5754)\" ([Doc ID 2347948.1](<https://support.oracle.com/rs?type=doc&id=2347948.1>)), and\n * \"Information about processor vulnerabilities CVE-2018-3640 (\"Spectre v3a\") and CVE-2018-3639 (\"Spectre v4\")\" ([Doc ID 2399123.1](<https://support.oracle.com/rs?type=doc&id=2399123.1>)).\n\n \n", "modified": "2018-10-12T00:00:00", "published": "2018-07-17T00:00:00", "id": "ORACLE:CPUJUL2018-4258247", "href": "", "title": "CPU July 2018", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
