{"id": "RHSA-2019:2766", "hash": "608803f81fb4c49d6c9eb90d5f9a3690", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2019:2766) Important: Red Hat OpenShift Enterprise 4.1.15 gRPC security update", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains updated container images for multus-cni, operator-lifecycle-manager, and operator-registry in Red Hat OpenShift Container Platform 4.1.15. Each of these container images includes gRPC, which has been updated with the below fixes.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2019-09-12T22:20:25", "modified": "2019-09-12T22:21:12", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}, "href": "https://access.redhat.com/errata/RHSA-2019:2766", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2019-9512", "CVE-2019-9514", "CVE-2019-9515"], "lastseen": "2019-09-12T18:48:54", "history": [], "viewCount": 64, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-9514", "CVE-2019-9515", "CVE-2019-9512"]}, {"type": "f5", "idList": ["F5:K01988340", "F5:K50233772", "F5:K98053339"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4503-1:6B94A", "DEBIAN:DSA-4520-1:26CCF", "DEBIAN:DSA-4508-1:2E656"]}, {"type": "redhat", "idList": ["RHSA-2019:3906", "RHSA-2019:2796", "RHSA-2019:3245", "RHSA-2019:2661", "RHSA-2020:0406", "RHSA-2019:2682", "RHSA-2019:2861", "RHSA-2019:4273", "RHSA-2019:2726", "RHSA-2019:4041"]}, {"type": "freebsd", "idList": ["41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "9FBAEFB3-837E-11EA-B5B4-641C67A117D8", "72A5579E-C765-11E9-8052-0028F8D09152", "73B1E734-C74E-11E9-8052-0028F8D09152"]}, {"type": "nessus", "idList": ["FREEBSD_PKG_73B1E734C74E11E980520028F8D09152.NASL", "EULEROS_SA-2019-1967.NASL", "DEBIAN_DSA-4520.NASL", "FREEBSD_PKG_41F4BAACBF7711E98D2F5404A68AD561.NASL", "REDHAT-RHSA-2019-2726.NASL", "DEBIAN_DSA-4508.NASL", "FREEBSD_PKG_72A5579EC76511E980520028F8D09152.NASL", "ORACLELINUX_ELSA-2019-4273.NASL", "REDHAT-RHSA-2019-3906.NASL", "ARISTA_EOS_SA0043.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310852903", "OPENVAS:1361412562310704520", "OPENVAS:1361412562310143069", "OPENVAS:1361412562310852848", "OPENVAS:1361412562310876757", "OPENVAS:1361412562310852691", "OPENVAS:1361412562310852683", "OPENVAS:1361412562311220191967", "OPENVAS:1361412562310852847", "OPENVAS:1361412562310704508"]}, {"type": "symantec", "idList": ["SMNTC-109636", "SMNTC-109637"]}, {"type": "apple", "idList": ["APPLE:HT210436"]}, {"type": "oraclelinux", "idList": ["ELSA-2019-2726"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:2085-1", "OPENSUSE-SU-2019:2056-1", "OPENSUSE-SU-2019:2072-1", "OPENSUSE-SU-2019:2000-1", "OPENSUSE-SU-2019:2130-1"]}, {"type": "amazon", "idList": ["ALAS-2019-1270"]}], "modified": "2019-09-12T18:48:54", "rev": 2}, "score": {"value": 6.3, "vector": "NONE", "modified": "2019-09-12T18:48:54", "rev": 2}, "vulnersScore": 6.3}, "objectVersion": "1.4", "affectedPackage": [], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.base.Bulletin", "robots.models.redhat.RedHatBulletin"]}

{"cve": [{"lastseen": "2020-03-31T11:47:32", "bulletinFamily": "NVD", "description": "Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.", "modified": "2019-08-23T21:15:00", "id": "CVE-2019-9515", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9515", "published": "2019-08-13T21:15:00", "title": "CVE-2019-9515", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-31T11:47:32", "bulletinFamily": "NVD", "description": "Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.", "modified": "2019-08-23T21:15:00", "id": "CVE-2019-9512", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9512", "published": "2019-08-13T21:15:00", "title": "CVE-2019-9512", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-01T18:55:46", "bulletinFamily": "NVD", "description": "Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.", "modified": "2019-08-23T21:15:00", "id": "CVE-2019-9514", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-9514", "published": "2019-08-13T21:15:00", "title": "CVE-2019-9514", "type": "cve", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "f5": [{"lastseen": "2020-04-06T22:40:51", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 773673 (BIG-IP) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.1 | Medium | [5.0](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C>) | Virtual servers configured to use the HTTP/2 profile \n14.x | 14.0.0 - 14.1.2 | 14.1.2.1 \n14.0.1.1 \n13.x | 13.1.0 - 13.1.3 | 13.1.3.2 \n12.x | 12.1.0 - 12.1.5 | 12.1.5.1 \n11.x | 11.6.1 - 11.6.5 | 11.6.5.1 \nBIG-IP (AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | None | Not applicable | Not vulnerable | None | None \n14.x | None | Not applicable \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nF5 would like to acknowledge Jonathan Looney with Netflix for their efforts in identifying this issue.\n\n * [K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518](<https://support.f5.com/csp/article/K46011592>)\n * [K01988340: HTTP/2 Reset Flood vulnerability CVE-2019-9514](<https://support.f5.com/csp/article/K01988340>)\n * [K50233772: HTTP/2 Settings Flood vulnerability CVE-2019-9515](<https://support.f5.com/csp/article/K50233772>)\n * [K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517](<https://support.f5.com/csp/article/K02591030>)\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 15.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2020-02-10T16:48:00", "published": "2019-08-20T05:48:00", "id": "F5:K98053339", "href": "https://support.f5.com/csp/article/K98053339", "title": "HTTP/2 Ping Flood vulnerability CVE-2019-9512", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-06T22:40:35", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 788773 (BIG-IP) to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.1 | Medium | [5.0](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C>) | Virtual servers configured to use the HTTP/2 profile \n14.x | 14.0.0 - 14.1.2 | 14.1.2.1 \n14.0.1.1 \n13.x | 13.1.0 - 13.1.3 | 13.1.3.2 \n12.x | 12.1.0 - 12.1.5 | 12.1.5.1 \n11.x | 11.6.1 - 11.6.5 | 11.6.5.1 \nBIG-IP (AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | None | Not applicable | Not vulnerable | None | None \n14.x | None | Not applicable \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nF5 would like to acknowledge Jonathan Looney with Netflix for their efforts in identifying this issue.\n\n * [K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518](<https://support.f5.com/csp/article/K46011592>)\n * [K01988340: HTTP/2 Reset Flood vulnerability CVE-2019-9514](<https://support.f5.com/csp/article/K01988340>)\n * [K98053339: HTTP/2 Ping Flood vulnerability CVE-2019-9512](<https://support.f5.com/csp/article/K98053339>)\n * [K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517](<https://support.f5.com/csp/article/K02591030>)\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 15.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2020-02-10T12:46:00", "published": "2019-08-20T05:49:00", "id": "F5:K50233772", "href": "https://support.f5.com/csp/article/K50233772", "title": "HTTP/2 Settings Flood vulnerability CVE-2019-9515", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-06T22:40:16", "bulletinFamily": "software", "description": "\nF5 Product Development has assigned ID 788769 to this vulnerability.\n\nTo determine if your product and version have been evaluated for this vulnerability, refer to the **Applies to (see versions)** box. To determine if your release is known to be vulnerable, the components or features that are affected by the vulnerability, and for information about releases, point releases, or hotfixes that address the vulnerability, refer to the following table. For more information about security advisory versioning, refer to [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>).\n\nProduct | Branch | Versions known to be vulnerable | Fixes introduced in | Severity | CVSSv3 score1 | Vulnerable component or feature \n---|---|---|---|---|---|--- \nBIG-IP (LTM) | 15.x | 15.0.0 - 15.0.1 | 15.1.0 \n15.0.1.1 | Medium | [5.0](<https://first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:U/RC:C>) | Virtual servers configured to use the HTTP/2 profile \n14.x | 14.0.0 - 14.1.2 | 14.1.2.1 \n14.0.1.1 \n13.x | 13.1.0 - 13.1.3 | 13.1.3.2 \n12.x | 12.1.0 - 12.1.5 | 12.1.5.1 \n11.x | 11.6.1 - 11.6.5 | 11.6.5.1 \nBIG-IP (AAM, AFM, Analytics, APM, ASM, DNS, Edge Gateway, FPS, GTM, Link Controller, PEM, WebAccelerator) | 15.x | None | Not applicable | Not vulnerable | None | None \n14.x | None | Not applicable \n13.x | None | Not applicable \n12.x | None | Not applicable \n11.x | None | Not applicable \nEnterprise Manager | 3.x | None | Not applicable | Not vulnerable | None | None \nBIG-IQ Centralized Management | 6.x | None | Not applicable | Not vulnerable | None | None \n5.x | None | Not applicable \nF5 iWorkflow | 2.x | None | Not applicable | Not vulnerable | None | None \nTraffix SDC | 5.x | None | Not applicable | Not vulnerable | None | None \n \n1The CVSSv3 score link takes you to a resource outside of AskF5, and it is possible that the document may be removed without our knowledge.\n\nIf you are running a version listed in the **Versions known to be vulnerable** column, you can eliminate this vulnerability by upgrading to a version listed in the **Fixes introduced in** column. If the table lists only an older version than what you are currently running, or does not list a non-vulnerable version, then no upgrade candidate currently exists.\n\nMitigation\n\nNone\n\nF5 would like to acknowledge Jonathan Looney with Netflix for their efforts in identifying this issue.\n\n * [K46011592: HTTP/2 Empty Frames Flood vulnerability CVE-2019-9518](<https://support.f5.com/csp/article/K46011592>)\n * [K98053339: HTTP/2 Ping Flood vulnerability CVE-2019-9512](<https://support.f5.com/csp/article/K98053339>)\n * [K50233772: HTTP/2 Settings Flood vulnerability CVE-2019-9515](<https://support.f5.com/csp/article/K50233772>)\n * [K02591030: HTTP/2 vulnerabilities CVE-2019-9511, CVE-2019-9513, CVE-2019-9516, and CVE-2019-9517](<https://support.f5.com/csp/article/K02591030>)\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K4918: Overview of the F5 critical issue hotfix policy](<https://support.f5.com/csp/article/K4918>)\n * [K9502: BIG-IP hotfix and point release matrix](<https://support.f5.com/csp/article/K9502>)\n * [K13123: Managing BIG-IP product hotfixes (11.x - 15.x)](<https://support.f5.com/csp/article/K13123>)\n * [K167: Downloading software and firmware from F5](<https://support.f5.com/csp/article/K167>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "modified": "2020-02-10T12:58:00", "published": "2019-08-20T05:46:00", "id": "F5:K01988340", "href": "https://support.f5.com/csp/article/K01988340", "title": "HTTP/2 Reset Flood vulnerability CVE-2019-9514", "type": "f5", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "debian": [{"lastseen": "2019-08-25T02:28:04", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4508-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 24, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : h2o\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515\n\nThree vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\n\nFor the detailed security status of h2o please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/h2o\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2019-08-24T14:44:18", "published": "2019-08-24T14:44:18", "id": "DEBIAN:DSA-4508-1:2E656", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00156.html", "title": "[SECURITY] [DSA 4508-1] h2o security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-10T02:24:15", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4520-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nSeptember 09, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : trafficserver\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9518\n\nSeveral vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1.\n\nWe recommend that you upgrade your trafficserver packages.\n\nFor the detailed security status of trafficserver please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/trafficserver\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2019-09-09T20:44:42", "published": "2019-09-09T20:44:42", "id": "DEBIAN:DSA-4520-1:26CCF", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00168.html", "title": "[SECURITY] [DSA 4520-1] trafficserver security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-24T14:27:46", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4503-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nAugust 18, 2019 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : golang-1.11\nCVE ID : CVE-2019-9512 CVE-2019-9514 CVE-2019-14809\n\nThree vulnerabilities have been discovered in the Go programming language;\n&quot;net/url&quot; accepted some invalid hosts in URLs which could result in\nauthorisation bypass in some applications and the HTTP/2 implementation\nwas susceptible to denial of service.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 1.11.6-1+deb10u1.\n\nWe recommend that you upgrade your golang-1.11 packages.\n\nFor the detailed security status of golang-1.11 please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/golang-1.11\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2019-08-18T18:25:26", "published": "2019-08-18T18:25:26", "id": "DEBIAN:DSA-4503-1:6B94A", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2019/msg00151.html", "title": "[SECURITY] [DSA 4503-1] golang-1.11 security update", "type": "debian", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "redhat": [{"lastseen": "2019-09-26T17:27:29", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains updates gRPC in the sriov-network-device-plugin container in Red Hat OpenShift Container Platform 4.1.18.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-09-26T21:11:33", "published": "2019-09-26T21:11:08", "id": "RHSA-2019:2861", "href": "https://access.redhat.com/errata/RHSA-2019:2861", "type": "redhat", "title": "(RHSA-2019:2861) Important: OpenShift Container Platform 4.1.18 gRPC security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-17T14:24:09", "bulletinFamily": "unix", "description": "Skydive is an open source real-time network topology and protocols analyzer.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-09-17T17:12:57", "published": "2019-09-17T12:12:27", "id": "RHSA-2019:2796", "href": "https://access.redhat.com/errata/RHSA-2019:2796", "type": "redhat", "title": "(RHSA-2019:2796) Important: skydive security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-02-04T19:28:43", "bulletinFamily": "unix", "description": "The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-02-05T00:14:55", "published": "2020-02-04T23:54:49", "id": "RHSA-2020:0406", "href": "https://access.redhat.com/errata/RHSA-2020:0406", "type": "redhat", "title": "(RHSA-2020:0406) Important: containernetworking-plugins security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-30T07:33:30", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThe following packages have been rebuilt with an updated version of golang: apb (2.0.3), containernetworking-plugins (0.8.1), and golang-github-prometheus-promu (0.5.0). \n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-29T21:33:56", "published": "2019-10-29T21:28:20", "id": "RHSA-2019:3245", "href": "https://access.redhat.com/errata/RHSA-2019:3245", "type": "redhat", "title": "(RHSA-2019:3245) Important: OpenShift Container Platform 4.2 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-10T12:47:57", "bulletinFamily": "unix", "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Failure trying to conntect to image registry using TLS when buildah is compiled with FIPS mode (BZ#1743169)", "modified": "2019-09-10T15:34:38", "published": "2019-09-10T14:40:48", "id": "RHSA-2019:2726", "href": "https://access.redhat.com/errata/RHSA-2019:2726", "type": "redhat", "title": "(RHSA-2019:2726) Important: go-toolset:rhel8 security and bug fix update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-11T07:51:10", "bulletinFamily": "unix", "description": "Both the openshift and atomic-enterprise-service-catalog packages have been rebuilt with updates versions of golang. The golang packages provide the Go programming language compiler.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", "modified": "2019-09-11T09:14:59", "published": "2019-09-11T09:08:25", "id": "RHSA-2019:2661", "href": "https://access.redhat.com/errata/RHSA-2019:2661", "type": "redhat", "title": "(RHSA-2019:2661) Important: Red Hat OpenShift Container Platform 4.1 openshift RPM security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-16T15:38:08", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the cri-o, cri-tools, faq, ignition, openshift-external-storage and pivot RPM packages, which have been rebuilt with an updated version of golang for Red Hat OpenShift Container Platform 4.1.20.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-16T19:30:36", "published": "2019-10-16T19:23:57", "id": "RHSA-2019:3131", "href": "https://access.redhat.com/errata/RHSA-2019:3131", "type": "redhat", "title": "(RHSA-2019:3131) Important: OpenShift Container Platform 4.1.20 golang security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-09T14:47:34", "bulletinFamily": "unix", "description": "Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-09-09T17:02:07", "published": "2019-09-09T12:15:34", "id": "RHSA-2019:2682", "href": "https://access.redhat.com/errata/RHSA-2019:2682", "type": "redhat", "title": "(RHSA-2019:2682) Important: go-toolset-1.11 and go-toolset-1.11-golang security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-30T19:06:10", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the ansible-operator, apb, containernetworking-plugins, golang-github-openshift-prometheus-alert-buffer, golang-github-prometheus-promu and openshift-eventrouter RPM packages for Red Hat OpenShift Container Platform 4.1.21. These packages have been rebuilt with an updated version of Go to address the below security issues.\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-10-30T22:16:12", "published": "2019-10-30T22:12:25", "id": "RHSA-2019:3265", "href": "https://access.redhat.com/errata/RHSA-2019:3265", "type": "redhat", "title": "(RHSA-2019:3265) Important: OpenShift Container Platform 4.1 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-11-18T16:23:09", "bulletinFamily": "unix", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of Go, which includes the security fixes listed further below:\n\natomic-enterprise-service-catalog\natomic-openshift-cluster-autoscaler\natomic-openshift-descheduler\natomic-openshift-metrics-server\natomic-openshift-node-problem-detector\natomic-openshift-service-idler\natomic-openshift-web-console\ncockpit\ncsi-attacher\ncsi-driver-registrar\ncsi-livenessprobe\ncsi-provisioner\ngolang-github-openshift-oauth-proxy\ngolang-github-openshift-prometheus-alert-buffer\ngolang-github-prometheus-alertmanager\ngolang-github-prometheus-node_exporter\ngolang-github-prometheus-prometheus\nhawkular-openshift-agent\nheapster\nimage-inspector\nopenshift-enterprise-autoheal\nopenshift-enterprise-cluster-capacity\nopenshift-eventrouter\nopenshift-external-storage\n\nSecurity Fix(es):\n\n* HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2019-11-18T21:19:29", "published": "2019-11-18T21:18:29", "id": "RHSA-2019:3906", "href": "https://access.redhat.com/errata/RHSA-2019:3906", "type": "redhat", "title": "(RHSA-2019:3906) Important: OpenShift Container Platform 3.11 HTTP/2 security update", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "freebsd": [{"lastseen": "2019-08-25T21:39:55", "bulletinFamily": "unix", "description": "\nJonathon Loomey of Netflix reports:\n\nHTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion\nRecently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following:\n\nCVE-2019-9512 \"Ping Flood\": The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\nCVE-2019-9514 \"Reset Flood\": The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.\nCVE-2019-9515 \"Settings Flood\": The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\n\n\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "73B1E734-C74E-11E9-8052-0028F8D09152", "href": "https://vuxml.freebsd.org/freebsd/73b1e734-c74e-11e9-8052-0028f8d09152.html", "title": "h2o -- multiple HTTP/2 vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-25T21:39:55", "bulletinFamily": "unix", "description": "\nJonathon Loomey of Netflix reports:\n\nHTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion\nRecently, a series of DoS attack vulnerabilities have been reported on a broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is exposed to the following:\n\nCVE-2019-9512 \"Ping Flood\": The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\nCVE-2019-9514 \"Reset Flood\": The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both, potentially leading to a denial of service.\nCVE-2019-9515 \"Settings Flood\": The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both, potentially leading to a denial of service.\n\n\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "72A5579E-C765-11E9-8052-0028F8D09152", "href": "https://vuxml.freebsd.org/freebsd/72a5579e-c765-11e9-8052-0028f8d09152.html", "title": "h2o -- multiple HTTP/2 vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-24T11:39:45", "bulletinFamily": "unix", "description": "\nThe traefik project reports:\n\nUpdate of dependency to go go1.12.8 resolves potential HTTP/2\n\t denial of service in traefik.\n\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "41F4BAAC-BF77-11E9-8D2F-5404A68AD561", "href": "https://vuxml.freebsd.org/freebsd/41f4baac-bf77-11e9-8d2f-5404a68ad561.html", "title": "traefik -- Denial of service in HTTP/2", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-04-21T16:51:57", "bulletinFamily": "unix", "description": "\nTwisted developers reports:\n\nAll HTTP clients in twisted.web.client now raise a ValueError when\n\tcalled with a method and/or URL that contain invalid characters. This\n\tmitigates CVE-2019-12387. Thanks to Alex Brasetvik for reporting this\n\tvulnerability.\nThe HTTP/2 server implementation now enforces TCP flow control on\n\tcontrol frame messages and times out clients that send invalid data\n\twithout reading responses. This closes CVE-2019-9512 (Ping Flood),\n\tCVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks\n\tto Jonathan Looney and Piotr Sikora.\ntwisted.web.http was subject to several request smuggling attacks.\n\tRequests with multiple Content-Length headers were allowed\n\t(CVE-2020-10108, thanks to Jake Miller from Bishop Fox and ZeddYu Lu\n\tfor reporting this) and now fail with a 400; requests with a\n\tContent-Length header and a Transfer-Encoding header honored the first\n\theader (CVE-2020-10109, thanks to Jake Miller from Bishop Fox for\n\treporting this) and now fail with a 400; requests whose\n\tTransfer-Encoding header had a value other than \"chunked\" and\n\t\"identity\" (thanks to ZeddYu Lu) were allowed and now fail with a 400.\n\n", "modified": "2019-03-01T00:00:00", "published": "2019-03-01T00:00:00", "id": "9FBAEFB3-837E-11EA-B5B4-641C67A117D8", "href": "https://vuxml.freebsd.org/freebsd/9fbaefb3-837e-11ea-b5b4-641c67a117d8.html", "title": "py-twisted -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "nessus": [{"lastseen": "2020-05-03T02:09:47", "bulletinFamily": "scanner", "description": "Three vulnerabilities were discovered in the HTTP/2 code of the H2O\nHTTP server, which could result in denial of service.", "modified": "2020-05-02T00:00:00", "id": "DEBIAN_DSA-4508.NASL", "href": "https://www.tenable.com/plugins/nessus/128181", "published": "2019-08-27T00:00:00", "title": "Debian DSA-4508-1 : h2o - security update (Ping Flood) (Reset Flood) (Settings Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4508. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128181);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_xref(name:\"DSA\", value:\"4508\");\n\n script_name(english:\"Debian DSA-4508-1 : h2o - security update (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Three vulnerabilities were discovered in the HTTP/2 code of the H2O\nHTTP server, which could result in denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/h2o\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/h2o\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4508\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the h2o packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 2.2.5+dfsg2-2+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:h2o\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/27\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"h2o\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"h2o-doc\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-dev\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-dev-common\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-evloop-dev\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o-evloop0.13\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libh2o0.13\", reference:\"2.2.5+dfsg2-2+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-01T00:22:01", "bulletinFamily": "scanner", "description": "Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and\nresource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on\na broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is\nexposed to the following :\n\n- CVE-2019-9512 ", "modified": "2020-05-02T00:00:00", "id": "FREEBSD_PKG_73B1E734C74E11E980520028F8D09152.NASL", "href": "https://www.tenable.com/plugins/nessus/128136", "published": "2019-08-26T00:00:00", "title": "FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (73b1e734-c74e-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128136);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n\n script_name(english:\"FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (73b1e734-c74e-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and\nresource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on\na broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is\nexposed to the following :\n\n- CVE-2019-9512 'Ping Flood': The attacker sends continual pings to an\nHTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both, potentially leading to a denial of\nservice.\n\n- CVE-2019-9514 'Reset Flood': The attacker opens a number of streams\nand sends an invalid request over each stream that should solicit a\nstream of RST_STREAM frames from the peer. Depending on how the peer\nqueues the RST_STREAM frames, this can consume excess memory, CPU, or\nboth, potentially leading to a denial of service.\n\n- CVE-2019-9515 'Settings Flood': The attacker sends a stream of\nSETTINGS frames to the peer. Since the RFC requires that the peer\nreply with one acknowledgement per SETTINGS frame, an empty SETTINGS\nframe is almost equivalent in behavior to a ping. Depending on how\nefficiently this data is queued, this can consume excess CPU, memory,\nor both, potentially leading to a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/h2o/h2o/issues/2090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kb.cert.org/vuls/id/605641/\"\n );\n # https://vuxml.freebsd.org/freebsd/73b1e734-c74e-11e9-8052-0028f8d09152.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?a9fac719\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:h2o\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"h2o<2.2.6\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-01T00:21:59", "bulletinFamily": "scanner", "description": "Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and\nresource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on\na broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is\nexposed to the following :\n\n- CVE-2019-9512 ", "modified": "2020-05-02T00:00:00", "id": "FREEBSD_PKG_72A5579EC76511E980520028F8D09152.NASL", "href": "https://www.tenable.com/plugins/nessus/128135", "published": "2019-08-26T00:00:00", "title": "FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (72a5579e-c765-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128135);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n\n script_name(english:\"FreeBSD : h2o -- multiple HTTP/2 vulnerabilities (72a5579e-c765-11e9-8052-0028f8d09152) (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jonathon Loomey of Netflix reports :\n\nHTTP/2 implementations do not robustly handle abnormal traffic and\nresource exhaustion\n\nRecently, a series of DoS attack vulnerabilities have been reported on\na broad range of HTTP/2 stacks. Among the vulnerabilities, H2O is\nexposed to the following :\n\n- CVE-2019-9512 'Ping Flood': The attacker sends continual pings to an\nHTTP/2 peer, causing the peer to build an internal queue of responses.\nDepending on how efficiently this data is queued, this can consume\nexcess CPU, memory, or both, potentially leading to a denial of\nservice.\n\n- CVE-2019-9514 'Reset Flood': The attacker opens a number of streams\nand sends an invalid request over each stream that should solicit a\nstream of RST_STREAM frames from the peer. Depending on how the peer\nqueues the RST_STREAM frames, this can consume excess memory, CPU, or\nboth, potentially leading to a denial of service.\n\n- CVE-2019-9515 'Settings Flood': The attacker sends a stream of\nSETTINGS frames to the peer. Since the RFC requires that the peer\nreply with one acknowledgement per SETTINGS frame, an empty SETTINGS\nframe is almost equivalent in behavior to a ping. Depending on how\nefficiently this data is queued, this can consume excess CPU, memory,\nor both, potentially leading to a denial of service.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/h2o/h2o/issues/2090\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.kb.cert.org/vuls/id/605641/\"\n );\n # https://vuxml.freebsd.org/freebsd/72a5579e-c765-11e9-8052-0028f8d09152.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1d11da2f\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:h2o-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/08/25\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"h2o-devel<2.3.0.b2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-03-17T22:48:48", "bulletinFamily": "scanner", "description": "The version of Arista Networks EOS running on the remote device is affected by the following vulnerabilities:\n\n - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS).\n An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\n - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, \n remote attacker can open a number of streams and send an invalid request over each stream that should\n solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM\n frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An\n unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer.\n Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS\n frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this\n can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application", "modified": "2020-03-11T00:00:00", "id": "ARISTA_EOS_SA0043.NASL", "href": "https://www.tenable.com/plugins/nessus/134419", "published": "2020-03-11T00:00:00", "title": "Arista Networks EOS Multiple Vulnerabilities (SA0043)", "type": "nessus", "sourceData": "#TRUSTED 736fd21b7c863dedcd0012da870277511210e3c6c75016409f09fe1fd42df3d3c33b1333c8536768c608ddda3904d609cd59f618a5cbf6e853e71d73fd9e73901c6fb9121ebe2b5999ebe7d591792ebe0db4d5c31fbf92717d4e32fedfccc98332c3859b156726b28a7114dfc18d5a498008c850be0ed9219a6d9a675ea6439491866d5e8f7674997c74d84771fdf8b5805ae87a944d88c07566d8d179247b71650c8c193005712ab6dbe7a2c2d34e345d41ca76c34e714964c4db73816df8fbf64ff6f82f7fcefe30fcde263c53037b38cc9b4481346dbe70ecc0c10c8ff85e63adf3f4d97952ab288c1861bd94c8756255b21affa2b1ade3990e7f52476129d0c29c07534b22f8c2cbd2b6e79163b460b26742cac8645e6e76077b6cbf86e96a0f02d3433aee03112953584f92d3ee9f0f27c395e4abb068e5fd5871f1ce8ac15c96481f6dc7b47df08e83f7d81a42a05312bc4d18c12a43bb23488c82bb2d85ad21ac75c58d06398d13e46d45ffa1dd3e326facacc7c8ed046f11ae73dd3a59d73fe9cf6f365b18eb27c5067d507e21db8b8f356b4a358c1c2893fca060a4fd04851b5b4fb5ad10f5713c5015ffde45b6aaed15cd9209818a99880cd18ad806ee3bc5fc216846d1ff113e23a0c4427fec84dc676184dc07b1d6eda8eabda1830a8090921bcacc8c47840cebfbf5b9d15dfbf9a1bdbf7934982b531004330c\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(134419);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/03/13\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n\n script_name(english:\"Arista Networks EOS Multiple Vulnerabilities (SA0043)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by multiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Arista Networks EOS running on the remote device is affected by the following vulnerabilities:\n\n - HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service (DoS).\n An unauthenticated, remote attacker can exploit this, by sending continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or both. (CVE-2019-9512)\n\n - HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a DoS. An unauthenticated, \n remote attacker can open a number of streams and send an invalid request over each stream that should\n solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM\n frames, this can consume excess memory, CPU, or both. (CVE-2019-9514)\n\n - HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a DoS. An\n unauthenticated, remote attacker can exploit this by sending a stream of SETTINGS frames to the peer.\n Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS\n frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this\n can consume excess CPU, memory, or both. (CVE-2019-9515)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n # https://www.arista.com/en/support/advisories-notices/security-advisories/8762-security-advisory-43\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e5070013\");\n script_set_attribute(attribute:\"solution\", value:\n\"Apply the patch or or mitigation or upgrade to a fixed version as referenced in the vendor advisory.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9515\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/03/11\");\n\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"plugin_type\", value:\"combined\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:arista:eos\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"arista_eos_detect.nbin\");\n script_require_keys(\"Host/Arista-EOS/Version\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\n\ninclude('arista_eos_func.inc');\ninclude('audit.inc');\n\nif (report_paranoia < 2)\n audit(AUDIT_PARANOID);\n\nversion = get_kb_item_or_exit('Host/Arista-EOS/Version');\n\nif (version =~ \"([^0-9]|^)4\\.22\\.(0|0\\.1|0\\.2|1|2)F\" ||\n version =~ \"([^0-9]|^)4\\.23\\.(0|0\\.1)F\")\n{\n ext='SecurityAdvisory0043Hotfix-4.22-4.23.rpm 1.0.0/eng';\n sha='ef84fb5e4eb2ffe9f1cf2904cb1b496fb115c444de21f4cf38858daa4a0cba35a6cad9677d01b8f1885df42ff15368c864998eb4afcc7625e39195e08f65c669';\n\n if(eos_extension_installed(ext:ext, sha:sha))\n audit(AUDIT_HOST_NOT, 'affected as a relevant hotfix has been installed');\n}\nelse if (version =~ \"([^0-9]|^)4\\.20\\.(11|11\\.1|12|12\\.1|13|13\\.1|14)M\" ||\n version =~ \"([^0-9]|^)4\\.21\\.(7|7\\.1|8)M\")\n{\n ext='SecurityAdvisory0043Hotfix-4.20-4.21.rpm 1.0.0/eng';\n sha='be17fce400045ee63c7d77cb756e47aebf460c878793b1984ed3c79f7c3be3ec189c986afdcbc3d1814170d2e1f5c594b3ac7d179ebe05eda05c4919d9789036';\n\n if(eos_extension_installed(ext:ext, sha:sha))\n audit(AUDIT_HOST_NOT, 'affected as a relevant hotfix has been installed');\n}\n\n\nvmatrix = make_array();\nvmatrix['all'] = make_list('4.22<=4.22.2',\n '4.21<=4.21.7.1',\n '4.20<=4.20.14',\n '4.19<=4.19.13',\n '4.18<=4.18.99',\n '4.17<=4.17.99');\nvmatrix['F'] = make_list('4.23.0F');\n\nvmatrix['fix'] = '4.20 >= 4.20.15M / 4.21 >= 4.21.9M / 4.22 >= 4.22.3F / 4.23 >= 4.23.1F';\n\nif (eos_is_affected(vmatrix:vmatrix, version:version))\n security_report_v4(severity:SECURITY_HOLE, port:0, extra:eos_report_get());\nelse\n audit(AUDIT_INST_VER_NOT_VULN, 'Arista Networks EOS', version);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-03T02:10:08", "bulletinFamily": "scanner", "description": "Several vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the\noldstable distribution (stretch). An upgrade to Debian stable (buster)\nis recommended instead.", "modified": "2020-05-02T00:00:00", "id": "DEBIAN_DSA-4520.NASL", "href": "https://www.tenable.com/plugins/nessus/128621", "published": "2019-09-10T00:00:00", "title": "Debian DSA-4520-1 : trafficserver - security update (Empty Frames Flood) (Ping Flood) (Reset Flood) (Settings Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4520. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128621);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/31\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-9518\");\n script_xref(name:\"DSA\", value:\"4520\");\n\n script_name(english:\"Debian DSA-4520-1 : trafficserver - security update (Empty Frames Flood) (Ping Flood) (Reset Flood) (Settings Flood)\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the\noldstable distribution (stretch). An upgrade to Debian stable (buster)\nis recommended instead.\"\n );\n # https://security-tracker.debian.org/tracker/source-package/trafficserver\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?20613153\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/trafficserver\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2019/dsa-4520\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"Upgrade the trafficserver packages.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 8.0.2+ds-1+deb10u1.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:trafficserver\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"trafficserver\", reference:\"8.0.2+ds-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"trafficserver-dev\", reference:\"8.0.2+ds-1+deb10u1\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"trafficserver-experimental-plugins\", reference:\"8.0.2+ds-1+deb10u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-01T02:03:53", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2019:4273 :\n\nAn update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "modified": "2020-05-02T00:00:00", "id": "ORACLELINUX_ELSA-2019-4273.NASL", "href": "https://www.tenable.com/plugins/nessus/132668", "published": "2020-01-06T00:00:00", "title": "Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:4273 and \n# Oracle Linux Security Advisory ELSA-2019-4273 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(132668);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/08\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:4273\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:1.0 (ELSA-2019-4273) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2019:4273 :\n\nAn update for the container-tools:1.0 module is now available for Red\nHat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nThe container-tools module contains tools for working with containers,\nnotably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2020-January/009495.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected container-tools:1.0 packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/01/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/01/06\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 8\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"buildah-1.5-6.0.1.gite94b4f9.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"container-selinux-2.94-1.git1e99f1d.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"containers-common-0.1.32-6.0.1.git1715c90.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"fuse-overlayfs-0.3-5.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"oci-umount-2.3.4-2.git87f9237.module+el8.1.0+5440+42cffa37\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"podman-1.0.0-4.git921f98f.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"podman-docker-1.0.0-4.git921f98f.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"skopeo-0.1.32-6.0.1.git1715c90.module+el8.1.0+5459+24f6812a\")) flag++;\nif (rpm_check(release:\"EL8\", cpu:\"x86_64\", reference:\"slirp4netns-0.1-3.dev.gitc4e1bc5.module+el8.1.0+5440+42cffa37\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"buildah / container-selinux / containernetworking-plugins / etc\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-01T02:25:06", "bulletinFamily": "scanner", "description": "An update is now available for Red Hat OpenShift Container Platform\n3.11.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat", "modified": "2020-05-02T00:00:00", "id": "REDHAT-RHSA-2019-3906.NASL", "href": "https://www.tenable.com/plugins/nessus/131154", "published": "2019-11-20T00:00:00", "title": "RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:3906. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(131154);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/12/09\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:3906\");\n\n script_name(english:\"RHEL 7 : OpenShift Container Platform 3.11 HTTP/2 (RHSA-2019:3906) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update is now available for Red Hat OpenShift Container Platform\n3.11.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nRed Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or\nprivate cloud deployments.\n\nThe following RPM packages have been rebuilt with updated version of\nGo, which includes the security fixes listed further below :\n\natomic-enterprise-service-catalog atomic-openshift-cluster-autoscaler\natomic-openshift-descheduler atomic-openshift-metrics-server\natomic-openshift-node-problem-detector atomic-openshift-service-idler\natomic-openshift-web-console cockpit csi-attacher csi-driver-registrar\ncsi-livenessprobe csi-provisioner golang-github-openshift-oauth-proxy\ngolang-github-openshift-prometheus-alert-buffer\ngolang-github-prometheus-alertmanager\ngolang-github-prometheus-node_exporter\ngolang-github-prometheus-prometheus hawkular-openshift-agent heapster\nimage-inspector openshift-enterprise-autoheal\nopenshift-enterprise-cluster-capacity openshift-eventrouter\nopenshift-external-storage\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:3906\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-cluster-autoscaler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-descheduler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-metrics-server\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-node-problem-detector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-service-idler\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-openshift-web-console\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-kubernetes\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-attacher\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-attacher-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-driver-registrar-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-livenessprobe-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:csi-provisioner-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-oauth-proxy\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-github-openshift-prometheus-alert-buffer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:hawkular-openshift-agent\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:heapster\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:image-inspector\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-autoheal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-enterprise-cluster-capacity\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-eventrouter-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-cephfs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-efs-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-local-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-manila-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-controller\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-external-storage-snapshot-provisioner\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-alertmanager\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:prometheus-node-exporter\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/11/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/11/20\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:3906\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_exists(rpm:\"atomic-enterprise-service-catalog-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-3.11.154-1.git.1.fa68ced.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-enterprise-service-catalog-svcat-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-svcat-3.11.154-1.git.1.fa68ced.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-cluster-autoscaler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-cluster-autoscaler-3.11.154-1.git.1.532da7a.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-descheduler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-descheduler-3.11.154-1.git.1.1d31032.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-metrics-server-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-metrics-server-3.11.154-1.git.1.6a6b6ce.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-node-problem-detector-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-node-problem-detector-3.11.154-1.git.1.5e8e065.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-service-idler-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-service-idler-3.11.154-1.git.1.f80fb86.el7\")) flag++;\n if (rpm_exists(rpm:\"atomic-openshift-web-console-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-openshift-web-console-3.11.154-1.git.1.f54cb18.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-debuginfo-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"cockpit-kubernetes-195-2.rhaos.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-attacher-0.2.0-4.git27299be.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-attacher-debuginfo-0.2.0-4.git27299be.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-driver-registrar-0.2.0-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-driver-registrar-debuginfo-0.2.0-2.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-livenessprobe-0.0.1-2.gitff5b6a0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-livenessprobe-debuginfo-0.0.1-2.gitff5b6a0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-provisioner-0.2.0-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"csi-provisioner-debuginfo-0.2.0-3.el7\")) flag++;\n if (rpm_exists(rpm:\"golang-github-openshift-oauth-proxy-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-oauth-proxy-3.11.154-1.git.1.220e3dc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"golang-github-openshift-prometheus-alert-buffer-0-3.gitceca8c1.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"hawkular-openshift-agent-1.2.2-3.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"heapster-1.3.0-4.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"image-inspector-2.4.0-4.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-autoheal-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-autoheal-3.11.154-1.git.1.13199be.el7\")) flag++;\n if (rpm_exists(rpm:\"openshift-enterprise-cluster-capacity-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-enterprise-cluster-capacity-3.11.154-1.git.1.5798c2c.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-0.2-4.git7c289cc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-eventrouter-debuginfo-0.2-4.git7c289cc.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-cephfs-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-debuginfo-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-efs-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-local-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-manila-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-controller-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-external-storage-snapshot-provisioner-0.0.2-9.gitd3c94f0.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-3.11.154-1.git.1.148db48.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-alertmanager-3.11.154-1.git.1.4acd2e6.el7\")) flag++;\n if (rpm_exists(rpm:\"prometheus-node-exporter-3.11\", release:\"RHEL7\") && rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"prometheus-node-exporter-3.11.154-1.git.1.bc9f224.el7\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-enterprise-service-catalog / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-23T03:52:00", "bulletinFamily": "scanner", "description": "An update for the go-toolset:rhel8 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Failure trying to conntect to image registry using TLS when buildah\nis compiled with FIPS mode (BZ#1743169)", "modified": "2019-09-11T00:00:00", "id": "REDHAT-RHSA-2019-2726.NASL", "href": "https://www.tenable.com/plugins/nessus/128666", "published": "2019-09-11T00:00:00", "title": "RHEL 8 : go-toolset:rhel8 (RHSA-2019:2726) (Ping Flood) (Reset Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2019:2726. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128666);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/22\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2726\");\n\n script_name(english:\"RHEL 8 : go-toolset:rhel8 (RHSA-2019:2726) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"An update for the go-toolset:rhel8 module is now available for Red Hat\nEnterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nGo Toolset provides the Go programming language tools and libraries.\nGo is alternatively known as golang.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\n\nBug Fix(es) :\n\n* Failure trying to conntect to image registry using TLS when buildah\nis compiled with FIPS mode (BZ#1743169)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2726\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-9512\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:golang-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:enterprise_linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/go-toolset');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\nif ('rhel8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module go-toolset:' + module_ver);\n\nappstreams = {\n 'go-toolset:rhel8': [\n {'reference':'go-toolset-1.11.13-1.module+el8.0.1+4087+d8180914', 'cpu':'aarch64', 'release':'8'},\n {'reference':'go-toolset-1.11.13-1.module+el8.0.1+4087+d8180914', 'cpu':'s390x', 'release':'8'},\n {'reference':'go-toolset-1.11.13-1.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'aarch64', 'release':'8'},\n {'reference':'golang-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'s390x', 'release':'8'},\n {'reference':'golang-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-bin-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'aarch64', 'release':'8'},\n {'reference':'golang-bin-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'s390x', 'release':'8'},\n {'reference':'golang-bin-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-docs-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'},\n {'reference':'golang-misc-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'},\n {'reference':'golang-race-1.11.13-2.module+el8.0.1+4087+d8180914', 'cpu':'x86_64', 'release':'8'},\n {'reference':'golang-src-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'},\n {'reference':'golang-tests-1.11.13-2.module+el8.0.1+4087+d8180914', 'release':'8'}\n ],\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module go-toolset:rhel8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'go-toolset / golang / golang-bin / etc');\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-08T16:45:08", "bulletinFamily": "scanner", "description": "According to the versions of the golang packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping\n floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or\n both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset\n flood, potentially leading to a denial of service. The\n attacker opens a number of streams and sends an invalid\n request over each stream that should solicit a stream\n of RST_STREAM frames from the peer. Depending on how\n the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.(CVE-2019-9514)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "modified": "2019-09-23T00:00:00", "id": "EULEROS_SA-2019-1967.NASL", "href": "https://www.tenable.com/plugins/nessus/129124", "published": "2019-09-23T00:00:00", "title": "EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(129124);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/07\");\n\n script_cve_id(\n \"CVE-2019-9512\",\n \"CVE-2019-9514\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : golang (EulerOS-SA-2019-1967)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the\nEulerOS installation on the remote host is affected by the following\nvulnerabilities :\n\n - Some HTTP/2 implementations are vulnerable to ping\n floods, potentially leading to a denial of service. The\n attacker sends continual pings to an HTTP/2 peer,\n causing the peer to build an internal queue of\n responses. Depending on how efficiently this data is\n queued, this can consume excess CPU, memory, or\n both.(CVE-2019-9512)\n\n - Some HTTP/2 implementations are vulnerable to a reset\n flood, potentially leading to a denial of service. The\n attacker opens a number of streams and sends an invalid\n request over each stream that should solicit a stream\n of RST_STREAM frames from the peer. Depending on how\n the peer queues the RST_STREAM frames, this can consume\n excess memory, CPU, or both.(CVE-2019-9514)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?c0413d68\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"golang-1.12-5.eulerosv2r7\",\n \"golang-bin-1.12-5.eulerosv2r7\",\n \"golang-src-1.12-5.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-05-01T02:23:11", "bulletinFamily": "scanner", "description": "An update for the openshift and atomic-enterprise-service-catalog\npackages is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nBoth the openshift and atomic-enterprise-service-catalog packages have\nbeen rebuilt with updates versions of golang. The golang packages\nprovide the Go programming language compiler.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.", "modified": "2020-05-02T00:00:00", "id": "REDHAT-RHSA-2019-2661.NASL", "href": "https://www.tenable.com/plugins/nessus/128657", "published": "2019-09-11T00:00:00", "title": "RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2019:2661. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128657);\n script_version(\"1.5\");\n script_cvs_date(\"Date: 2019/12/27\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_xref(name:\"RHSA\", value:\"2019:2661\");\n\n script_name(english:\"RHEL 7 / 8 : Red Hat OpenShift Container Platform 4.1 openshift RPM (RHSA-2019:2661) (Ping Flood) (Reset Flood)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An update for the openshift and atomic-enterprise-service-catalog\npackages is now available for Red Hat OpenShift Container Platform\n4.1.\n\nRed Hat Product Security has rated this update as having a security\nimpact of Important. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available for each\nvulnerability from the CVE link(s) in the References section.\n\nBoth the openshift and atomic-enterprise-service-catalog packages have\nbeen rebuilt with updates versions of golang. The golang packages\nprovide the Go programming language compiler.\n\nSecurity Fix(es) :\n\n* HTTP/2: flood using PING frames results in unbounded memory growth\n(CVE-2019-9512)\n\n* HTTP/2: flood using HEADERS frames results in unbounded memory\ngrowth (CVE-2019-9514)\n\nFor more details about the security issue(s), including the impact, a\nCVSS score, acknowledgments, and other related information, refer to\nthe CVE page(s) listed in the References section.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2019:2661\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9512\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2019-9514\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:atomic-enterprise-service-catalog-svcat\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-clients-redistributable\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openshift-hyperkube\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/08/13\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/11\");\n script_set_attribute(attribute:\"in_the_news\", value:\"true\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(7|8)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x / 8.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2019:2661\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-4.1.14-201908290858.git.1.28cc9ff.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"atomic-enterprise-service-catalog-svcat-4.1.14-201908290858.git.1.28cc9ff.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n if (rpm_check(release:\"RHEL7\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.14-201908290858.git.0.3bd3467.el7\")) flag++;\n\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-clients-redistributable-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n if (rpm_check(release:\"RHEL8\", cpu:\"x86_64\", reference:\"openshift-hyperkube-4.1.14-201908290858.git.0.3bd3467.el8\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"atomic-enterprise-service-catalog / etc\");\n }\n}\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "openvas": [{"lastseen": "2019-08-27T12:51:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-08-27T00:00:00", "published": "2019-08-27T00:00:00", "id": "OPENVAS:1361412562310704508", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704508", "title": "Debian Security Advisory DSA 4508-1 (h2o - security update)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704508\");\n script_version(\"2019-08-27T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-08-27 02:00:16 +0000 (Tue, 27 Aug 2019)\");\n script_name(\"Debian Security Advisory DSA 4508-1 (h2o - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4508.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4508-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'h2o'\n package(s) announced via the DSA-4508-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP\nserver, which could result in denial of service.\");\n\n script_tag(name:\"affected\", value:\"'h2o' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 2.2.5+dfsg2-2+deb10u1.\n\nWe recommend that you upgrade your h2o packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"h2o\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"h2o-doc\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-dev-common\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop-dev\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o-evloop0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libh2o0.13\", ver:\"2.2.5+dfsg2-2+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-10-30T10:20:45", "bulletinFamily": "scanner", "description": "Apache Traffic Server is prone to multiple denial of service vulnerabilities\n in the HTTP/2 implementation.", "modified": "2019-10-28T00:00:00", "published": "2019-10-28T00:00:00", "id": "OPENVAS:1361412562310143069", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310143069", "title": "Apache Traffic Server (ATS) Multiple HTTP/2 DoS vulnerabilities", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) of the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nCPE = \"cpe:/a:apache:traffic_server\";\n\nif (description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.143069\");\n script_version(\"2019-10-28T05:15:58+0000\");\n script_tag(name:\"last_modification\", value:\"2019-10-28 05:15:58 +0000 (Mon, 28 Oct 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-10-28 05:08:21 +0000 (Mon, 28 Oct 2019)\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-10079\");\n\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n script_name(\"Apache Traffic Server (ATS) Multiple HTTP/2 DoS vulnerabilities\");\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Denial of Service\");\n script_dependencies(\"gb_apache_traffic_detect.nasl\");\n script_mandatory_keys(\"apache_trafficserver/installed\");\n\n script_tag(name:\"summary\", value:\"Apache Traffic Server is prone to multiple denial of service vulnerabilities\n in the HTTP/2 implementation.\");\n\n script_tag(name:\"insight\", value:\"Apache Traffic Server is prone to multiple denial of service vulnerabilities:\n\n - Ping Flood (CVE-2019-9512)\n\n - Reset Flood (CVE-2019-9514)\n\n - Settings Flood (CVE-2019-9515)\n\n - Malformed SETTINGS frames (CVE-2019-10079)\");\n\n script_tag(name:\"affected\", value:\"Apache Traffic Server versions 6.0.0 - 6.2.3, 7.0.0 - 7.1.6 and 8.0.0 - 8.0.3.\");\n\n script_tag(name:\"solution\", value:\"Update to version 7.1.7, 8.0.4 or later.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable version is present on the target host.\");\n\n script_xref(name:\"URL\", value:\"https://lists.apache.org/thread.html/bde52309316ae798186d783a5e29f4ad1527f61c9219a289d0eee0a7@%3Cdev.trafficserver.apache.org%3E\");\n\n exit(0);\n}\n\ninclude(\"host_details.inc\");\ninclude(\"version_func.inc\");\n\nif (!port = get_app_port(cpe: CPE))\n exit(0);\n\nif (!version = get_app_version(cpe: CPE, port: port))\n exit(0);\n\nif (version_in_range(version: version, test_version: \"6.0.0\", test_version2: \"6.2.3\") ||\n version_in_range(version: version, test_version: \"7.0.0\", test_version2: \"7.1.6\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"7.1.7\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nif (version_in_range(version: version, test_version: \"8.0.0\", test_version2: \"8.0.3\")) {\n report = report_fixed_ver(installed_version: version, fixed_version: \"8.0.4\");\n security_message(port: port, data: report);\n exit(0);\n}\n\nexit(99);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-12T16:55:07", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-09-11T00:00:00", "published": "2019-09-11T00:00:00", "id": "OPENVAS:1361412562310704520", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704520", "title": "Debian Security Advisory DSA 4520-1 (trafficserver - security update)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704520\");\n script_version(\"2019-09-11T02:00:16+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-9515\", \"CVE-2019-9518\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-11 02:00:16 +0000 (Wed, 11 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-11 02:00:16 +0000 (Wed, 11 Sep 2019)\");\n script_name(\"Debian Security Advisory DSA 4520-1 (trafficserver - security update)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB10\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2019/dsa-4520.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4520-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'trafficserver'\n package(s) announced via the DSA-4520-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Several vulnerabilities were discovered in the HTTP/2 code of Apache\nTraffic Server, a reverse and forward proxy server, which could result\nin denial of service.\n\nThe fixes are too intrusive to backport to the version in the oldstable\ndistribution (stretch). An upgrade to Debian stable (buster) is\nrecommended instead.\");\n\n script_tag(name:\"affected\", value:\"'trafficserver' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the stable distribution (buster), these problems have been fixed in\nversion 8.0.2+ds-1+deb10u1.\n\nWe recommend that you upgrade your trafficserver packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver-dev\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"trafficserver-experimental-plugins\", ver:\"8.0.2+ds-1+deb10u1\", rls:\"DEB10\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:38:31", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191967", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191967", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1967\");\n script_version(\"2020-01-23T12:28:43+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:28:43 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-1967)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1967\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1967\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-1967 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.12~5.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-10T14:49:12", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2019-09-10T00:00:00", "published": "2019-09-07T00:00:00", "id": "OPENVAS:1361412562310876757", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310876757", "title": "Fedora Update for golang FEDORA-2019-55d101a740", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.876757\");\n script_version(\"2019-09-10T08:05:24+0000\");\n script_cve_id(\"CVE-2019-9512\", \"CVE-2019-9514\", \"CVE-2019-14809\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2019-09-10 08:05:24 +0000 (Tue, 10 Sep 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-09-07 02:23:49 +0000 (Sat, 07 Sep 2019)\");\n script_name(\"Fedora Update for golang FEDORA-2019-55d101a740\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC30\");\n\n script_xref(name:\"FEDORA\", value:\"2019-55d101a740\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYO6E3H34C346D2E443GLXK7OK6KIYIQ\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'golang'\n package(s) announced via the FEDORA-2019-55d101a740 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Go Programming Language.\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Fedora 30.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC30\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.12.9~1.fc30\", rls:\"FC30\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:29:25", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852903", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852903", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2130-1)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852903\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:44:02 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2130-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2130-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2130-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2130=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.21.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:51:02", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-09-06T00:00:00", "id": "OPENVAS:1361412562310852691", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852691", "title": "openSUSE: Security Advisory for go1.11 (openSUSE-SU-2019:2072-1)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852691\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-06 02:00:56 +0000 (Fri, 06 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for go1.11 (openSUSE-SU-2019:2072-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2072-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.11'\n package(s) announced via the openSUSE-SU-2019:2072-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.11 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.11.13 (bsc#1141688).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2072=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2072=1\");\n\n script_tag(name:\"affected\", value:\"'go1.11' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11\", rpm:\"go1.11~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11-doc\", rpm:\"go1.11-doc~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.11-race\", rpm:\"go1.11-race~1.11.13~lp150.18.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:54:18", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-09-03T00:00:00", "id": "OPENVAS:1361412562310852683", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852683", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2056-1)", "type": "openvas", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852683\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-09-03 02:03:45 +0000 (Tue, 03 Sep 2019)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2056-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2056-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2056-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2056=1\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-2056=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-31T16:30:52", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2020-01-09T00:00:00", "id": "OPENVAS:1361412562310852848", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852848", "title": "openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2000-1)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852848\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-09 09:36:02 +0000 (Thu, 09 Jan 2020)\");\n script_name(\"openSUSE: Security Advisory for go1.12 (openSUSE-SU-2019:2000-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:2000-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'go1.12'\n package(s) announced via the openSUSE-SU-2019:2000-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth. (bsc#1146111)\n\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset\n flood, potentially leading to a denial of service. (bsc#1146115)\n\n - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in\n URLs. (bsc#1146123)\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2019-2000=1\");\n\n script_tag(name:\"affected\", value:\"'go1.12' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12\", rpm:\"go1.12~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-doc\", rpm:\"go1.12-doc~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"go1.12-race\", rpm:\"go1.12-race~1.12.9~lp151.2.9.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2020-01-27T18:36:38", "bulletinFamily": "scanner", "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220192078", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220192078", "title": "Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-2078)", "type": "openvas", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.2078\");\n script_version(\"2020-01-23T12:33:22+0000\");\n script_cve_id(\"CVE-2019-14809\", \"CVE-2019-9512\", \"CVE-2019-9514\");\n script_tag(name:\"cvss_base\", value:\"7.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:33:22 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:33:22 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2019-2078)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-2078\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-2078\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'golang' package(s) announced via the EulerOS-SA-2019-2078 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Some HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.(CVE-2019-9512)\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.(CVE-2019-9514)\n\nnet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com.(CVE-2019-14809)\");\n\n script_tag(name:\"affected\", value:\"'golang' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"golang\", rpm:\"golang~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-bin\", rpm:\"golang-bin~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"golang-src\", rpm:\"golang-src~1.11~4.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "symantec": [{"lastseen": "2019-08-22T22:49:43", "bulletinFamily": "software", "description": "### Description\n\nMicrosoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition.\n\n### Technologies Affected\n\n * Apple SwiftNIO HTTP/2 1.0.0 \n * Apple SwiftNIO HTTP/2 1.1.0 \n * Apple SwiftNIO HTTP/2 1.2.0 \n * Apple SwiftNIO HTTP/2 1.3.0 \n * Apple SwiftNIO HTTP/2 1.4.0 \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n * RFC 7540 HTTP/2 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "SMNTC-109637", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109637", "title": "Microsoft Windows 'HTTP.sys' CVE-2019-9512 Denial of Service Vulnerability", "type": "symantec", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-08-22T22:49:45", "bulletinFamily": "software", "description": "### Description\n\nMicrosoft Windows is prone to a remote denial-of-service vulnerability. An attacker can exploit this issue to cause the affected system to become unresponsive, resulting in a denial-of-service condition.\n\n### Technologies Affected\n\n * Apple SwiftNIO HTTP/2 1.0.0 \n * Apple SwiftNIO HTTP/2 1.1.0 \n * Apple SwiftNIO HTTP/2 1.2.0 \n * Apple SwiftNIO HTTP/2 1.3.0 \n * Apple SwiftNIO HTTP/2 1.4.0 \n * Microsoft Windows 10 Version 1607 for 32-bit Systems \n * Microsoft Windows 10 Version 1607 for x64-based Systems \n * Microsoft Windows 10 Version 1709 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for 32-bit Systems \n * Microsoft Windows 10 Version 1803 for ARM64-based Systems \n * Microsoft Windows 10 Version 1803 for x64-based Systems \n * Microsoft Windows 10 Version 1809 for 32-bit Systems \n * Microsoft Windows 10 Version 1809 for ARM64-based Systems \n * Microsoft Windows 10 Version 1809 for x64-based Systems \n * Microsoft Windows 10 Version 1903 for 32-bit Systems \n * Microsoft Windows 10 Version 1903 for ARM64-based Systems \n * Microsoft Windows 10 Version 1903 for x64-based Systems \n * Microsoft Windows 10 for 32-bit Systems \n * Microsoft Windows 10 for x64-based Systems \n * Microsoft Windows 10 version 1703 for 32-bit Systems \n * Microsoft Windows 10 version 1703 for x64-based Systems \n * Microsoft Windows 10 version 1709 for 32-bit Systems \n * Microsoft Windows 10 version 1709 for x64-based Systems \n * Microsoft Windows Server 1803 \n * Microsoft Windows Server 1903 \n * Microsoft Windows Server 2016 \n * Microsoft Windows Server 2019 \n * RFC 7540 HTTP/2 \n\n### Recommendations\n\n**Block external access at the network boundary, unless external parties require service.** \nIf global access isn't needed, filter access to the affected computer at the network boundary. Restricting access to only trusted computers and networks might greatly reduce the likelihood of exploits.\n\n**Deploy network intrusion detection systems to monitor network traffic for malicious activity.** \nDeploy NIDS to monitor network traffic for signs of anomalous or suspicious activity. This includes unexplained incoming and outgoing traffic. This may indicate exploit attempts or activity that results from successful exploits.\n\nUpdates are available. Please see the references or vendor advisory for more information.\n", "modified": "2019-08-13T00:00:00", "published": "2019-08-13T00:00:00", "id": "SMNTC-109636", "href": "https://www.symantec.com/content/symantec/english/en/security-center/vulnerabilities/writeup.html/109636", "title": "Microsoft Windows 'HTTP.sys' CVE-2019-9514 Denial of Service Vulnerability", "type": "symantec", "cvss": {"score": 0.0, "vector": "NONE"}}], "apple": [{"lastseen": "2020-05-07T18:05:34", "bulletinFamily": "software", "description": "## About Apple security updates\n\nFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the [Apple security updates](<https://support.apple.com/kb/HT201222>) page.\n\nApple security documents reference vulnerabilities by [CVE-ID](<http://cve.mitre.org/about/>) when possible.\n\nFor more information about security, see the [Apple Product Security](<https://support.apple.com/kb/HT201220>) page.\n\n\n\n## SwiftNIO HTTP/2 1.5.0\n\nReleased August 13, 2019\n\n**SwiftNIO HTTP/2**\n\nAvailable for: SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later\n\nImpact: A HTTP/2 server may consume unbounded amounts of memory when receiving certain traffic patterns and eventually suffer resource exhaustion\n\nDescription: This issue was addressed with improved buffer size management.\n\nCVE-2019-9512: Jonathan Looney of Netflix\n\nCVE-2019-9514: Jonathan Looney of Netflix\n\nCVE-2019-9515: Jonathan Looney of Netflix\n\nCVE-2019-9516: Jonathan Looney of Netflix\n\n**SwiftNIO HTTP/2**\n\nAvailable for: SwiftNIO HTTP/2 1.0.0 through 1.4.0 on macOS Sierra 10.12 and later and Ubuntu 14.04 and later\n\nImpact: A HTTP/2 server may consume excessive CPU resources when receiving certain traffic patterns\n\nDescription: This issue was addressed with improved input validation.\n\nCVE-2019-9518: Piotr Sikora of Google, Envoy Security Team\n", "modified": "2019-08-13T06:09:21", "published": "2019-08-13T06:09:21", "id": "APPLE:HT210436", "href": "https://support.apple.com/kb/HT210436", "title": "About the security content of SwiftNIO HTTP/2 1.5.0 - Apple Support", "type": "apple", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "oraclelinux": [{"lastseen": "2019-09-17T22:30:36", "bulletinFamily": "unix", "description": "go-toolset\n[1.11.13-1]\n- Bump version to 1.11.13\n- Related: rhbz#1743204\n- Related: rhbz#1743206\ngolang\n[1.11.13-2]\n- Improve error message when using non-FIPS API in FIPS mode.\n- Fixes CVE-2019-9512.\n- Fixes CVE-2019-9514.\n- Resolves: rhbz#1745711\n- Resolves: rhbz#1745705\n[1.11.6-3]\n- Updates to be less strict on key size in FIPS mode\n- Resolves: rhbz#1731550\n[1.11.6-2]\n- Lock to specific OpenSSL version on build\n- Resolves: rhbz#1709606", "modified": "2019-09-17T00:00:00", "published": "2019-09-17T00:00:00", "id": "ELSA-2019-2726", "href": "http://linux.oracle.com/errata/ELSA-2019-2726.html", "title": "go-toolset:rhel8 security and bug fix update", "type": "oraclelinux", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "amazon": [{"lastseen": "2019-10-04T00:28:31", "bulletinFamily": "unix", "description": "**Issue Overview:**\n\nnet/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malformed hosts in URLs, leading to an authorization bypass in some applications. This is related to a Host field with a suffix appearing in neither Hostname() nor Port(), and is related to a non-numeric port number. For example, an attacker can compose a crafted javascript:// URL that results in a hostname of google.com. ([CVE-2019-14809 __](<https://access.redhat.com/security/cve/CVE-2019-14809>))\n\nSome HTTP/2 implementations are vulnerable to ping floods, potentially leading to a denial of service. The attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal queue of responses. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.([CVE-2019-9512 __](<https://access.redhat.com/security/cve/CVE-2019-9512>))\n\nSome HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.([CVE-2019-9514 __](<https://access.redhat.com/security/cve/CVE-2019-9514>))\n\n \n**Affected Packages:** \n\n\ngolang\n\n \n**Issue Correction:** \nRun _yum update golang_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n golang-1.12.8-1.51.amzn1.i686 \n golang-bin-1.12.8-1.51.amzn1.i686 \n \n noarch: \n golang-src-1.12.8-1.51.amzn1.noarch \n golang-tests-1.12.8-1.51.amzn1.noarch \n golang-docs-1.12.8-1.51.amzn1.noarch \n golang-misc-1.12.8-1.51.amzn1.noarch \n \n src: \n golang-1.12.8-1.51.amzn1.src \n \n x86_64: \n golang-race-1.12.8-1.51.amzn1.x86_64 \n golang-bin-1.12.8-1.51.amzn1.x86_64 \n golang-1.12.8-1.51.amzn1.x86_64 \n \n \n", "modified": "2019-10-02T23:03:00", "published": "2019-10-02T23:03:00", "id": "ALAS-2019-1270", "href": "https://alas.aws.amazon.com/ALAS-2019-1270.html", "title": "Important: golang", "type": "amazon", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}], "suse": [{"lastseen": "2019-09-14T20:43:21", "bulletinFamily": "unix", "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2019-09-14T18:10:28", "published": "2019-09-14T18:10:28", "id": "OPENSUSE-SU-2019:2130-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00038.html", "title": "Security update for go1.12 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-08-24T19:35:36", "bulletinFamily": "unix", "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth. (bsc#1146111)\n - CVE-2019-9514: Fixed HTTP/2 implementation is vulnerable to a reset\n flood, potentially leading to a denial of service. (bsc#1146115)\n - CVE-2019-14809: Fixed authorization bypass due to malformed hosts in\n URLs. (bsc#1146123)\n\n", "modified": "2019-08-24T18:12:22", "published": "2019-08-24T18:12:22", "id": "OPENSUSE-SU-2019:2000-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00076.html", "title": "Security update for go1.12 (important)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-05T16:51:53", "bulletinFamily": "unix", "description": "This update for go1.11 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.11.13 (bsc#1141688).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2019-09-05T15:11:31", "published": "2019-09-05T15:11:31", "id": "OPENSUSE-SU-2019:2072-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00011.html", "title": "Security update for go1.11 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-07T22:40:45", "bulletinFamily": "unix", "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2019-09-07T21:11:24", "published": "2019-09-07T21:11:24", "id": "OPENSUSE-SU-2019:2085-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00021.html", "title": "Security update for go1.12 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}, {"lastseen": "2019-09-02T20:46:56", "bulletinFamily": "unix", "description": "This update for go1.12 fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in\n unbounded memory growth (bsc#1146111).\n - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset\n flood, potentially leading to a denial of service (bsc#1146115).\n - CVE-2019-14809: Fixed malformed hosts in URLs that leads to\n authorization bypass (bsc#1146123).\n\n Bugfixes:\n\n - Update to go version 1.12.9 (bsc#1141689).\n - Adding Web Assembly stuff from misc/wasm (bsc#1139210).\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "modified": "2019-09-02T18:14:05", "published": "2019-09-02T18:14:05", "id": "OPENSUSE-SU-2019:2056-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00002.html", "title": "Security update for go1.12 (moderate)", "type": "suse", "cvss": {"score": 7.8, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:C"}}]}