(RHSA-2023:0693) Moderate: Migration Toolkit for Containers (MTC) 1.7.7 security and bug fix update

2023-02-09T02:15:47

Description

The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API. Security Fix(es) from Bugzilla: * async: Prototype Pollution in async (CVE-2021-43138) * golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879) * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880) * golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664) * golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149) * golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190) * golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715) * golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717) * golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189) For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

{"id": "RHSA-2023:0693", "vendorId": null, "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2023:0693) Moderate: Migration Toolkit for Containers (MTC) 1.7.7 security and bug fix update", "description": "The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.\n\nSecurity Fix(es) from Bugzilla:\n\n* async: Prototype Pollution in async (CVE-2021-43138)\n\n* golang: archive/tar: unbounded memory consumption when reading headers (CVE-2022-2879)\n\n* golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters (CVE-2022-2880)\n\n* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)\n\n* golang: golang.org/x/text/language: ParseAcceptLanguage takes a long time to parse complex tags (CVE-2022-32149)\n\n* golang: net/url: JoinPath does not strip relative path components in all circumstances (CVE-2022-32190)\n\n* golang: regexp/syntax: limit memory used by parsing regexps (CVE-2022-41715)\n\n* golang: net/http: An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)\n\n* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.", "published": "2023-02-09T02:15:47", "modified": "2023-02-09T02:15:57", "epss": [{"cve": "CVE-2021-4235", "epss": 0.00045, "percentile": 0.12471, "modified": "2023-05-23"}, {"cve": "CVE-2021-43138", "epss": 0.00069, "percentile": 0.2821, "modified": "2023-05-23"}, {"cve": "CVE-2021-46848", "epss": 0.00083, "percentile": 0.34094, "modified": "2023-05-23"}, {"cve": "CVE-2022-2056", "epss": 0.0008, "percentile": 0.32863, "modified": "2023-06-06"}, {"cve": "CVE-2022-2057", "epss": 0.0008, "percentile": 0.32863, "modified": "2023-06-06"}, {"cve": "CVE-2022-2058", "epss": 0.0008, "percentile": 0.32863, "modified": "2023-06-06"}, {"cve": "CVE-2022-2519", "epss": 0.00047, "percentile": 0.14517, "modified": "2023-06-06"}, {"cve": "CVE-2022-2520", "epss": 0.00047, "percentile": 0.14517, "modified": "2023-06-06"}, {"cve": "CVE-2022-2521", "epss": 0.00047, "percentile": 0.14517, "modified": "2023-06-06"}, {"cve": "CVE-2022-27664", "epss": 0.00075, "percentile": 0.30515, "modified": "2023-06-03"}, {"cve": "CVE-2022-2867", "epss": 0.00042, "percentile": 0.05712, "modified": "2023-06-03"}, {"cve": "CVE-2022-2868", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-2869", "epss": 0.00042, "percentile": 0.05712, "modified": "2023-06-03"}, {"cve": "CVE-2022-2879", "epss": 0.00056, "percentile": 0.2105, "modified": "2023-06-03"}, {"cve": "CVE-2022-2880", "epss": 0.00076, "percentile": 0.30848, "modified": "2023-06-03"}, {"cve": "CVE-2022-2953", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-2995", "epss": 0.00043, "percentile": 0.06992, "modified": "2023-06-03"}, {"cve": "CVE-2022-30631", "epss": 0.00056, "percentile": 0.2105, "modified": "2023-06-03"}, {"cve": "CVE-2022-3162", "epss": 0.00058, "percentile": 0.2259, "modified": "2023-06-03"}, {"cve": "CVE-2022-32148", "epss": 0.00052, "percentile": 0.18184, "modified": "2023-06-03"}, {"cve": "CVE-2022-32149", "epss": 0.00059, "percentile": 0.22939, "modified": "2023-06-03"}, {"cve": "CVE-2022-32189", "epss": 0.00059, "percentile": 0.22939, "modified": "2023-06-03"}, {"cve": "CVE-2022-32190", "epss": 0.00061, "percentile": 0.24103, "modified": "2023-06-03"}, {"cve": "CVE-2022-3259", "epss": 0.00089, "percentile": 0.368, "modified": "2023-06-03"}, {"cve": "CVE-2022-35737", "epss": 0.00076, "percentile": 0.30853, "modified": "2023-06-03"}, {"cve": "CVE-2022-3821", "epss": 0.00042, "percentile": 0.05664, "modified": "2023-06-03"}, {"cve": "CVE-2022-40303", "epss": 0.00124, "percentile": 0.45661, "modified": "2023-06-03"}, {"cve": "CVE-2022-40304", "epss": 0.00079, "percentile": 0.32505, "modified": "2023-06-03"}, {"cve": "CVE-2022-41715", "epss": 0.00059, "percentile": 0.22939, "modified": "2023-06-03"}, {"cve": "CVE-2022-41717", "epss": 0.00052, "percentile": 0.18184, "modified": "2023-06-03"}, {"cve": "CVE-2022-42010", "epss": 0.0006, "percentile": 0.23665, "modified": "2023-06-03"}, {"cve": "CVE-2022-42011", "epss": 0.0006, "percentile": 0.23665, "modified": "2023-06-03"}, {"cve": "CVE-2022-42012", "epss": 0.00051, "percentile": 0.17867, "modified": "2023-06-03"}, {"cve": "CVE-2022-43680", "epss": 0.00092, "percentile": 0.38209, "modified": "2023-06-03"}, {"cve": "CVE-2022-44617", "epss": 0.00069, "percentile": 0.28435, "modified": "2023-06-03"}, {"cve": "CVE-2022-46285", "epss": 0.00087, "percentile": 0.35829, "modified": "2023-06-03"}, {"cve": "CVE-2022-4883", "epss": 0.00067, "percentile": 0.2761, "modified": "2023-06-03"}], "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cvss2": {"cvssV2": {"version": "2.0", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "MEDIUM", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 6.8}, "severity": "MEDIUM", "exploitabilityScore": 8.6, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}, "cvss3": {"cvssV3": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H", "attackVector": "NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseScore": 9.1, "baseSeverity": "CRITICAL"}, "exploitabilityScore": 3.9, "impactScore": 5.2}, "href": "https://access.redhat.com/errata/RHSA-2023:0693", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2021-4235", "CVE-2021-43138", "CVE-2021-46848", "CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-27664", "CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-2953", "CVE-2022-2995", "CVE-2022-30631", "CVE-2022-3162", "CVE-2022-3172", "CVE-2022-32148", "CVE-2022-32149", "CVE-2022-32189", "CVE-2022-32190", "CVE-2022-3259", "CVE-2022-3466", "CVE-2022-35737", "CVE-2022-3821", "CVE-2022-40303", "CVE-2022-40304", "CVE-2022-41715", "CVE-2022-41717", "CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012", "CVE-2022-43680", "CVE-2022-44617", "CVE-2022-46285", "CVE-2022-4883"], "immutableFields": [], "lastseen": "2023-06-06T15:07:32", "viewCount": 19, "enchantments": {"score": {"value": 7.6, "vector": "NONE"}, "dependencies": {"references": [{"type": "aix", "idList": ["LIBXML2_ADVISORY4.ASC"]}, {"type": "almalinux", "idList": ["ALSA-2022:5775", "ALSA-2022:5799", "ALSA-2022:7129", "ALSA-2022:7519", "ALSA-2022:7529", "ALSA-2022:7548", "ALSA-2022:7648", "ALSA-2022:7950", "ALSA-2022:8057", "ALSA-2022:8098", "ALSA-2022:8250", "ALSA-2023:0095", "ALSA-2023:0096", "ALSA-2023:0100", "ALSA-2023:0103", "ALSA-2023:0110", "ALSA-2023:0116", "ALSA-2023:0173", "ALSA-2023:0302", "ALSA-2023:0328", "ALSA-2023:0335", "ALSA-2023:0336", "ALSA-2023:0337", "ALSA-2023:0338", "ALSA-2023:0339", "ALSA-2023:0343", "ALSA-2023:0379", "ALSA-2023:0383", "ALSA-2023:0446", "ALSA-2023:2167", "ALSA-2023:2177", "ALSA-2023:2193", "ALSA-2023:2204", "ALSA-2023:2222", "ALSA-2023:2236", "ALSA-2023:2253", "ALSA-2023:2282", "ALSA-2023:2283", "ALSA-2023:2357", "ALSA-2023:2367", "ALSA-2023:2592", "ALSA-2023:2758", "ALSA-2023:2780", "ALSA-2023:2784", "ALSA-2023:2785", "ALSA-2023:2802", "ALSA-2023:2866"]}, {"type": "alpinelinux", "idList": ["ALPINE:CVE-2021-46848", "ALPINE:CVE-2022-2056", "ALPINE:CVE-2022-2057", "ALPINE:CVE-2022-2058", "ALPINE:CVE-2022-2519", "ALPINE:CVE-2022-2520", "ALPINE:CVE-2022-2521", "ALPINE:CVE-2022-27664", "ALPINE:CVE-2022-2867", "ALPINE:CVE-2022-2868", "ALPINE:CVE-2022-2869", "ALPINE:CVE-2022-2879", "ALPINE:CVE-2022-2880", "ALPINE:CVE-2022-2953", "ALPINE:CVE-2022-30631", "ALPINE:CVE-2022-32148", "ALPINE:CVE-2022-32149", "ALPINE:CVE-2022-32189", "ALPINE:CVE-2022-32190", "ALPINE:CVE-2022-35737", "ALPINE:CVE-2022-40303", "ALPINE:CVE-2022-40304", "ALPINE:CVE-2022-41715", "ALPINE:CVE-2022-41717", "ALPINE:CVE-2022-42010", "ALPINE:CVE-2022-42011", "ALPINE:CVE-2022-42012", "ALPINE:CVE-2022-43680", "ALPINE:CVE-2022-44617", "ALPINE:CVE-2022-46285", "ALPINE:CVE-2022-4883"]}, {"type": "altlinux", "idList": ["0B731DC120C786666924D006A56C236F", "19A41B49C654395EDF4589CA89C934E4", "1F735DE2B03F24AC95E8604750ECAA9A", "3141732BB2021EA68D3DA97B83154543", "36BED5069C166E8476E875FDD20FBFAC", "5A0D58E8F13E5783C2B0794478474313", "5B9223AAC123D393F6059FEF5A6586F7", "6570665AAAD0FEA009A43606E97C65ED", "6E23DDCC163A0AA26B171D799284A657", "6F86E58DD4B9E4C12BB32B23D7F022FE", "758E1B5D9859DACBCB6F1A53A9BEBC5B", "D4EB40AF42F2099B994C4E9EE9567D14", "EF5681533327CDCF2F47CC69AB06BCB4"]}, {"type": "amazon", "idList": ["ALAS-2022-1635", "ALAS-2022-1647", "ALAS-2022-1655", "ALAS-2023-1693", "ALAS-2023-1730", "ALAS-2023-1731", "ALAS-2023-1743", "ALAS2-2022-1846", "ALAS2-2022-1847", "ALAS2-2022-1851", "ALAS2-2022-1858", "ALAS2-2022-1859", "ALAS2-2022-1860", "ALAS2-2022-1861", "ALAS2-2022-1862", "ALAS2-2022-1863", "ALAS2-2022-1864", "ALAS2-2022-1865", "ALAS2-2022-1872", "ALAS2-2022-1885", "ALAS2-2022-1887", "ALAS2-2022-1899", "ALAS2-2023-1908", "ALAS2-2023-1911", "ALAS2-2023-1913", "ALAS2-2023-1926", "ALAS2-2023-1962", "ALAS2-2023-1996", "ALAS2-2023-2006", "ALAS2-2023-2015", "ALAS2-2023-2055"]}, {"type": "apple", "idList": ["APPLE:3F8836B13EB0A5ACD7371C57AE3D6AAB", "APPLE:43BAF2046B9496C33409B8D5A7D822BC", "APPLE:4A817DDEB383A4CBF11E4AF34085C895", "APPLE:53AE4B50AE9CB8B8DBFF2C989DD0BF1E", "APPLE:59B0AAEF029FEFCB696BDCC924053209", "APPLE:A6086D77A7AEFAADCA83ECDE84FD47AF", "APPLE:B7D7EB865D477D40DED3C53178F3E431"]}, {"type": "avleonov", "idList": ["AVLEONOV:317FBD7DA93C95993A9FFF38FB04A987"]}, {"type": "centos", "idList": ["CESA-2023:0377"]}, {"type": "cloudfoundry", "idList": ["CFOUNDRY:0FA3CDF4B841AC5AB8524083A9D5B78B", "CFOUNDRY:1982A1CF884CB6C4BBC8C588E00E9CC3", "CFOUNDRY:429E00557280628837F5EA93B7F2AF8A", "CFOUNDRY:5B33BD34B14AEB7993A5697839F218B5", "CFOUNDRY:64C0AA1EB669424285D9F5476CA385C2", "CFOUNDRY:7164D845A1EA0414A603EBA03DCE1BBF", "CFOUNDRY:C17DAB23BD51D0D4964012B59739331B", "CFOUNDRY:C5C459E2B36E09ABB446A1098762E52E", "CFOUNDRY:CB3F38F7BB8507D3823F57C153F1A401"]}, {"type": "cloudlinux", "idList": ["CLSA-2022:1667493762", "CLSA-2022:1668121215", "CLSA-2022:1670521677"]}, {"type": "cnvd", "idList": ["CNVD-2022-62235", "CNVD-2022-72099", "CNVD-2022-72100", "CNVD-2022-72101", "CNVD-2022-72102", "CNVD-2022-72103", "CNVD-2022-72104", "CNVD-2022-87371"]}, {"type": "cve", "idList": ["CVE-2021-4235", "CVE-2021-43138", "CVE-2021-46848", "CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-27664", "CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-2953", "CVE-2022-2995", "CVE-2022-30631", "CVE-2022-3162", "CVE-2022-32148", "CVE-2022-32149", "CVE-2022-32189", "CVE-2022-32190", "CVE-2022-3259", "CVE-2022-35737", "CVE-2022-3821", "CVE-2022-40303", "CVE-2022-40304", "CVE-2022-41715", "CVE-2022-41717", "CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012", "CVE-2022-43680", "CVE-2022-44617", "CVE-2022-46285", "CVE-2022-4883"]}, {"type": "debian", "idList": ["DEBIAN:DLA-3142-1:7AAE2", "DEBIAN:DLA-3165-1:79B01", "DEBIAN:DLA-3172-1:11728", "DEBIAN:DLA-3263-1:3B5FB", "DEBIAN:DLA-3278-1:A143F", "DEBIAN:DSA-5250-1:F8B9A", "DEBIAN:DSA-5266-1:29668", "DEBIAN:DSA-5271-1:216D0", "DEBIAN:DSA-5333-1:E9E78"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2021-4235", "DEBIANCVE:CVE-2021-43138", "DEBIANCVE:CVE-2021-46848", "DEBIANCVE:CVE-2022-2056", "DEBIANCVE:CVE-2022-2057", "DEBIANCVE:CVE-2022-2058", "DEBIANCVE:CVE-2022-2519", "DEBIANCVE:CVE-2022-2520", "DEBIANCVE:CVE-2022-2521", "DEBIANCVE:CVE-2022-27664", "DEBIANCVE:CVE-2022-2867", "DEBIANCVE:CVE-2022-2868", "DEBIANCVE:CVE-2022-2869", "DEBIANCVE:CVE-2022-2879", "DEBIANCVE:CVE-2022-2880", "DEBIANCVE:CVE-2022-2953", "DEBIANCVE:CVE-2022-30631", "DEBIANCVE:CVE-2022-3162", "DEBIANCVE:CVE-2022-3172", "DEBIANCVE:CVE-2022-32148", "DEBIANCVE:CVE-2022-32149", "DEBIANCVE:CVE-2022-32189", "DEBIANCVE:CVE-2022-32190", "DEBIANCVE:CVE-2022-35737", "DEBIANCVE:CVE-2022-3821", "DEBIANCVE:CVE-2022-40303", "DEBIANCVE:CVE-2022-40304", "DEBIANCVE:CVE-2022-41715", "DEBIANCVE:CVE-2022-41717", "DEBIANCVE:CVE-2022-42010", "DEBIANCVE:CVE-2022-42011", "DEBIANCVE:CVE-2022-42012", "DEBIANCVE:CVE-2022-43680", "DEBIANCVE:CVE-2022-44617", "DEBIANCVE:CVE-2022-46285", "DEBIANCVE:CVE-2022-4883"]}, {"type": "fedora", "idList": ["FEDORA:086633052754", "FEDORA:086DB3093DEA", "FEDORA:088923095AF6", "FEDORA:08AB5309677C", "FEDORA:08ACB306B0ED", "FEDORA:08BE53072E16", "FEDORA:0ED9C30AB4A6", "FEDORA:0EF9530CC8FB", "FEDORA:1C94C316BCD8", "FEDORA:29A2220B5509", "FEDORA:2F8DA309A631", "FEDORA:3D945304C5EA", "FEDORA:40F87302CC3F", "FEDORA:45560305DF4F", "FEDORA:4566730CAED3", "FEDORA:457263029A55", "FEDORA:4579030843C4", "FEDORA:458CD3065C8C", "FEDORA:459323056A48", "FEDORA:459C0305A895", "FEDORA:45C713021A7C", "FEDORA:462B1304C6E3", "FEDORA:4A5DA30BDE11", "FEDORA:505B9304C5DC", "FEDORA:542A5305DF73", "FEDORA:56BD43071E61", "FEDORA:571D420CB8DD", "FEDORA:586CF304E4EB", "FEDORA:5BC12304C4C1", "FEDORA:5F3593065C8D", "FEDORA:65E743075471", "FEDORA:67238304939E", "FEDORA:71F8530714A2", "FEDORA:82578308719E", "FEDORA:825C530B0322", "FEDORA:826C4305797C", "FEDORA:826EA3095AF6", "FEDORA:829953049387", "FEDORA:82BB73021A52", "FEDORA:82BF0306B0ED", "FEDORA:888F330AF804", "FEDORA:8A82A304C3D3", "FEDORA:93DC430742B5", "FEDORA:93FCF30B1316", "FEDORA:9626830CB465", "FEDORA:9A21120C8479", "FEDORA:9A885304E50F", "FEDORA:9D555302CD90", "FEDORA:A1C2430737B7", "FEDORA:B3C21302CDBF", "FEDORA:B4618306B9BA", "FEDORA:B5DB1306D440", "FEDORA:B6C863099508", "FEDORA:BF6AD30571A2", "FEDORA:BF7F130A0376", "FEDORA:BFE10306B0ED", "FEDORA:BFE60304C6E3", "FEDORA:C3B663065CB2", "FEDORA:C49503045998", "FEDORA:CB635306C64F", "FEDORA:CDA5E3056B26", "FEDORA:D49213021A5A", "FEDORA:DA64430582DC", "FEDORA:DE5A430742B9", "FEDORA:E0DFA3065CA5", "FEDORA:E58B3306597F", "FEDORA:E85113065860", "FEDORA:EBE043099501", "FEDORA:EE64C304C3D3", "FEDORA:F09CC304F36E", "FEDORA:F18BB305DF47"]}, {"type": "freebsd", "idList": ["38F213B6-8F3D-4067-91EF-BF14DE7BA518", "6F5192F5-75A7-11ED-83C0-411D43CE7FE4", "6FEA7103-2EA4-11ED-B403-3DAE8AC60D3E", "7F8D5435-125A-11ED-9A69-10C37B4AC2EA", "854C2AFB-4424-11ED-AF97-ADCABF310F9B", "A4F2416C-02A0-11ED-B817-10C37B4AC2EA"]}, {"type": "gentoo", "idList": ["GLSA-202208-02", "GLSA-202209-26", "GLSA-202210-14", "GLSA-202210-38", "GLSA-202210-39", "GLSA-202210-40", "GLSA-202305-08", "GLSA-202305-15"]}, {"type": "github", "idList": ["GHSA-2394-5535-8J88", "GHSA-2QC6-MCVW-92CW", "GHSA-69CG-P879-7622", "GHSA-69CH-W2M2-3VJP", "GHSA-FWR7-V2MV-HH25", "GHSA-HMFX-3PCX-653P", "GHSA-JW36-HF63-69R9", "GHSA-PHJR-8J92-W5V7", "GHSA-R88R-GMRH-7J83", "GHSA-XRJJ-MJ9H-534M"]}, {"type": "githubexploit", "idList": ["38A55A09-73B1-521E-A87A-5D10A9480D21", "4502E0B7-D7F2-5927-A538-A0CEE0F34D5D", "4C908B03-4A04-55AE-BDB5-19591252E0B6", "534FC79F-3867-5838-B871-3B80756AD0FA", "9D72FBBC-2F8F-5645-96FF-48FB90954429"]}, {"type": "gitlab", "idList": ["GITLAB-0EE5EC3F5CA331274AC6BC5C53443C3C", "GITLAB-20A1692160688442228E71FE7AD791BE", "GITLAB-233DE505B07E962A7BC07DC6CAF90BA4", "GITLAB-2491EF4F71B6E241419A4F80796921A0", "GITLAB-2F723665347891979991692DF14B3EEB", "GITLAB-856A3D83B80945B8096BF22AD35F38A1", "GITLAB-F1819FB1118618D991C20A67CF6BD8BC"]}, {"type": "hackerone", "idList": ["H1:1544133"]}, {"type": "hivepro", "idList": ["HIVEPRO:8AF6D26DCA74110BAC16966E03E4BF07", "HIVEPRO:AFEC9221C05BF5D691D9CF5DB5C4D819"]}, {"type": "ibm", "idList": ["007FDD533A158C12E6AD9FDB0CB2AD4CEF487EA1D3C6043C5F456404FE1093B1", "00D7F5B9A8288919AB4548A77C928214A7A17795F7FF18FD6FA284C19181B10B", "0273A8F588FC75912FB4CCD87BD310A0A100C6F12D5EA893D740EA5E6666E28F", "0344344C5BC1E5BD76915E58268A7771FE5523A39AC168718FA30C6F4E2E5B5F", "050954A6F392495FCA15505DB3E74EBE6829514144F75C0C7EA3894665A3B7C5", "082BB20A1AF8245CDD2BB8373808E28FFC9B0EAB57A051F4D26CD5B373AC0AED", "083ADF7DA890451C275D4D893FB7DD34B49B62BFA7C8B6A11456F32D8F981FE7", "09EF5FA7451E445133E10D48BDD13F339C2926000B7BC1800997600A7060424D", "0A21050DD7C76C80CB0716EC23A7BEE7DBFC327240DCE63EA83F23C9AC9857FB", "0D36778833413EAFB3CAF10140E9A080E0FE7E612D7548D90904130870C0DD99", "123035E77F78D78E29A582F40BE1C73FD712FD4C4E64CD97CCD7953EAD91E997", "150AB81BBBC964A1D771926790FD0F454B61257EA9A56268D49141792DEC1040", "1673E3910F6B4F071ED43032284242D8A81F79464E34B6AEC260CA221F5AC9C6", "182ABCECEC608BADE96BCE85E39885F9C426570CF16077D455A1277D9CC3649A", "1CF3B8F6DB943DDA4327E68EF4D2F93E743F1D5A96E72E233ACA541F301713B8", "1D0C47C863486617E3DB329A62F4FFC3F23EAEA7A011A9C39ADDEBA1D66287D0", "1D446E2471466D9571755327150DCC7446488C1428E482B3C4DE90E3B015E8A0", "2007FD1781CF2022D192260E43DD6A6A9D75EAE1E583F1FF51351C7A5D643FB1", "24192DF6DA931653D8A40AE8FA3FCFA8DC9DDC9F3F3521C670B555D6ECA791FA", "24AAE002F0967D44CC0716EE9E3E24DF8CDF7F36B5D774064EED62A2D2A9B991", "25206297B6D314EFBA6A453E6E477EDBE6B461984AA3CA1C8DFEE5B6F69F28FC", "254982B133AF87964C8EDFD23D188B5AC76FD0D3823194E367660BA1FDE55EFC", "264DC0F3258D2C2FAD19524E675964AF49CBB4E38FAFA95C710B1B5F7DB3C324", "267876FAAA4DE8F551303D163063029D5C162298CE871D6A7EA92CB050CC5FD7", "28574095C7FB6AC27B6A95A11B485AA5D3AFD06F45C89C07E7267FAF829E9E3F", "28F1A1C0D4E6E818018959A56905E05B317813BFC9BC15F47388E1C1AB4FA0A4", "2E164648A8BC84A16CBA2D39B261EB908B45E9024F4C26845769952F83F6021E", "31461F7C4B45D225CFE7E9B7248DBEA2EB7047FCA3D7C5FC53A6D37D20A6FA1F", "31B7E3DA0F86F2CF0C6154CAB5DAC5B34555CBFD54ADF74D9B4941841D3359E9", "33C25BEAEED64C167549C27D67FEB8642DDB9D6F23657396CDBC3CB06DA41C11", "3518B47F9BA6CC58FEC096ABEBD396CD770FC7D70B85B8CDFAF5339E2B7E7FD6", "3669E45D7FE2AA83192FF44FAA60FB349B5D39469F2B30F7D69463B2868B4908", "3726F7F7C91AC512CEBD0170D574C94F5AD76C6E9922CC7158E02CE491D77528", "38DC3F8E6DA5AE751B580BDDC59111DD9C68031722EFD391A2B6BFEFC01091BE", "3C6ED85B7452AB86D777EE64599097CBDAF7676B4556DDDD7D52198F384A8ACD", "41DB1D251DBEF71BB81BDE744D4016A1BA69B68254C65190690B3ED20B6E43CC", "4443FADC35F66CB2BCB006621C9AB426E9DE09C7297783AC62E37E88CB616611", "4A3AFBCED5CDF3F142B08973A0C8CAF08FBD8C8309B351955F73C0DDD32A1A9B", "4A7D77A6C4256907830157C2CBE13EBC7EBBDE216A88B12AB01C854095F0FA92", "4C1F010382EDDC0301461F8E21EBF83618FC88228636180699A4887F7F4D7B10", "4F2F1CEC21593E14CFA5185766BAB1A3ACE3CE7606D9506EA35A0E0677085BC7", "4F610682E2D88A612F720BE6FE1A90ADC89C4DBFCE009F7BB18ADAE4FFBFD6BC", "50AE699C07E5F70B1AE3CA20358AC40C0A249282AA93BC9AF6AEF12C0640B515", "511CA1E500DC586414BB6B9BB4B63C20269EBEAA9179BDB82DDF8DD35087FBA8", "5211E73FEFF6DE75B326605BF6076941B3A243E1242B74AFBF68D0C72AF8EBDF", "53A02607423B45C5D64A0A682472A614FE62809065AF79AC34246C7238FFF74E", "53D83422E4E04BC239B54A0A2F0376ECC7C7DE773CBBCA8BB25B13FC0FAB9C08", "53F32964A2275244A5F7A1D6BE61A50BA12236B3F5CF9F259D3080CEA722858F", "5810936B5D81374AC70062BD3E5A3B6ED7E44BA577A9A9B7280FC29B7CDA8F3D", "5A1A71C2AEA1EC6D249F3D62BD301D5763364434C2AF73A78CC481916F9D1B29", "5B63337BED8D1831437D9E9CDA230341D96CD4E72BF44B64671DD96E2E83D164", "5BE52962678849208DBB78075A36D8D5B485DEC707628BB3A9D37D4AA01BC678", "62E059EEA639646759CA7749BF7374A95DBD2E42028688AEF7E341FFD45AC406", "649E2DDA040BCAF9D327CBF1104F09E43BDFDF3E05BCE0D7D84A289786CD6F3B", "64C6966CAB92CF49DFA60B2B2ACD554321FCF251EEFB53250A6E8796C4406E0D", "662603779A7B31F842ACDAC900F85F508E30909EAC618292446B2B7F54F2A2BB", "6994DB9FF8EDDCBEB06E15718DA8FA8CDAE33F0D45671CA89D2EEFBFC761C838", "6A36FBE4C566B8B2AE8DCC827AAAAEC1638BC6846277F4A2FC26685A0B0BB3A0", "6BEB63DA704B1C61E402BE6E6BD16FC53AAC6B4A502A919D818A04D123A05683", "6E274C29EC10091A16A948020DFA6616338E4AADC6AF19B28DF530C8B3611161", "7013BFDF21BD92A8AB96241024F0CAD08037A8AD1C789F7947FCE48C14C2392B", "7105AF1C93D515F02480C049C741A52F93A65ECE38328EB8C780F614F973363F", "735460E9936686D67F775804A44719EF9BED2F1CC6087DDFEBD74D6D08FF4491", "73D612A311806E111015F2B9E8E022D54AAEEAE7E6FFF6CD66FAECBBDAF7CE69", "76431CC2124AC9245013B83E4D1AE5B2A9C96507DB2FA15458526064D7073AFD", "7723E7232CDF38CAF6FB9BEBC720727705544B73B826D4C481C2D54FB681768E", "78CB5F0D7BC6F44286129E58020AB09AEF543E38286E06D7DAA223680B91723E", "794873BC9AD688E503AC3D1ABF86B882A27BB23EE5F35879F934BDE72517A5D3", "799823FEACD360943633A51415DF96A8C5E2C70F9725F87AB43B97BA3A3A30C3", "7A34C5EA3878227646136480AF345DCC5DF882B26F65D3380EC0064BCCA45485", "7BA885102FB6C982A4016A435FA0824A892F1CA43607BC1DC3F3B5F05BFAF573", "7CC5F589E9BC0C92DEF4BEF2121F2B963F810DD882E1C192E17454695CD02C28", "84702534FEA7C5817E90767B0FCD0D8981E8E32D4EBF6D4564A75B42BECECC49", "879E8572F695F122B3D44941AF873DE14517F9962FFACEA2E0F06FAE2D39D0EC", "8A2FE6743CBBECB31F75EC17AEC4FC32867EE2570FC4B4E10BE1156C6D8813A7", "8B34C508C065AF97F46EAA301E5EB359829527D59186A7D2F9001D3F449607E4", "909294F02834B103922F69F144E577A6A9D1C54668BDFD66B1775A1CCC13F85F", "914CA134AF0F49B31B57A7227D3B9CB858E76235C7AF94741731F679F034F5ED", "91E63EC03DFB8DA2D7736423C66D389EA87483C3F7AA23AA1075110FE7B03C4B", "9211BE65B6F7195CAE01EA26A0281CA4C0F43AE2BC87E870946F4C221519D36A", "950F18A7C5FA83CD1133188ECC6C982AEA693366C9310BAC739BA9C255CA0EA5", "9847846496EC6CDEC13D18E7EB623B5D93BCF6975339BB7F182533A02D652D6E", "99B03F3BF248482FB258C7CD9184CBCFCF1806BC2F9BAE890575A6B8DD8B0C46", "9B25740319B5D7DBD05732DCF41160210755EEFFEA514E1EE4D106925CB2C1D5", "9D9A01E02514803E9E0E5DD88830752E1595E1F1CC50F35B26CA6DC44AE2E184", "9E122C3147369696EEB22BB3077D52C1A9B149F5FD98D9E64ECA4092528218A8", "9F512013B9FC077CC364781500C5D79550488138D5DBE2874B5D669DE1A62036", "A2DF5A832BCA204889A5BFA26956B51FCC7B454212C658B9DCD76D46DB38DC12", "A45019922BC1C4127812E6B0394D71098046E7EF0D23DA6ED192C8F3E783449A", "AB0269F328A72DFA7F2DE2BB0EA2BCB9B9316CF2F0041B84ED7404E2839F2B2E", "AC8A176111C5D0EEF4CBEEF646DE5672F13451B994F8BB844C6C076689090D26", "AE8B23AD6B0062B13D1E5F5D2B9C3DE6F734845A554B1AED12CCABFC9651716D", "B025E16E467F3574FD05242ED33BC0064FC46784462C16C9371184AEBF1DDCB6", "B0FB98D09F3AB63566DF3496E722777261EC73210A72EB2A2FAB701E3D4F7054", "B2057B745B8593B8493240F47C34779B4F59D5AECEF7CE1ED07149116FC5E53A", "B29B1371AC288FDC546A02113375596BEABE9D719A718096D400DC04D07B592D", "B492F0296BDA567C4F98187476A828370D969E5E55C2ADEF50B3218415B91F81", "B55CC34C08F4E9CA089D3768805F5AE9F464C3A72586A258FF4C65D4D401DEAA", "BBC6954775F1FDB0CC2B5463387AB94381777CD1BA78525180050E16A8CD97B9", "BEE5E5DB520EA27AD3E9D28AB2947012B002F3FA33DD8359FAC9C5173657E3FC", "C15110971919E2CFDB4CF1D2D6CB0D06608CA8D7C1A8EBC251900CD5535890E1", "C25EC5B6B222C6B5DE7F4216BAE0D1E7FE29DF2F05DD32A17AC83CCCEE5ECAFB", "C367FEE9E2829E1B8548ADF569A828E49A2FE8F4E6ACF0A4693EC09A7D52DDD3", "C3D361AA56DBD5AEDE85472A0F40170FEB4CAA976C49A2B3101A450FCFA8464F", "C44B9587D4FEA069099D8E57176D76A313769ADA20486A93C80E3505821ADAF9", "C58498E175EED7B50ADCA41367E25183DF7331A1B1B2B3A2B2F1666536E9A062", "C71235B9EB6EDAE21C87F038209FAA80F05E9B26A6336CECB453B01119F347D8", "CA6E62CB32AA91296638D9DAB5072711CB69A35615F7FC69D8B55BD25BE71F67", "CADD4263ED5018A7E33B0B9487BE4DDAEFA96D5866FF633AFD644F5D80FB4DA7", "D1D933E74F951886FE0E0B2DACA0425761D59893EFD0422D5F9C96FC6CE42B06", "D3C347A5A7C4AA243B17CFCC5AD0080A2A49CC6A651602DF047BC554082EB3A1", "D3EFB24CDB958FE8DFD2C179A4F15B7E9D09B5F83584D75E88ABFD281830DA37", "D4AA4C74B15B21D0E1466EA29AB09D3F56B67EEEE73C489747B7DE7F274D8281", "D62801C78243F99F4BD9B1AD811F5719F33C493EB92FF8BC4666E01644FB3A6E", "D81F2452BA61871FDE7D1BC02E1D81E1EEC654A297147A39D055298CC0CD5313", "D9EE7D452220C127A9F38A40C453078E8FE96DDAA4C26D5570962228F3CEC643", "DA3BD6A322362DB9EA27EC83500FF79BD7885DE3B762AEB3DA4AF9DAA3256D91", "DB70F8606EEC9D111E1733FEB18E80A48B68945F4D235C1E57CCC9CEEC5439CB", "DCAE287F0BABE8AC56E00595C92FEE667BF432BBD7D2FD5B381E4577D581AA71", "DD014F1A813600ACA0D595671383D2852A6C9DB1223439E2A4DA4BD7ED9B8BB5", "DE360DB6C0FAEB527806F6EF8037B508B94ACA88D09A5B352076CBB5008C3E2D", "DE96883322ADFFB1053926315A9CCBF923A051EFB7584674C17F344392B284D6", "DEB42D37472DABA41D449842B1B5C261C9033E9118FC181AE309B0216062035B", "E2F000BF37790E086A7F778E342A5A0A63D3A8E499DCA6B448852B580CEAA8A7", "E8EFCA8810003524E6931CD5AFDC084870201D5052BAC467C09EBF324F61A84B", "EB492CB9C6C2F063D092AC50542CFA54FEBE8B62959F56EDD80802012179DA7C", "EB62313E9AB090C8BC8570064FAA6261039AF87730B0C30328DF53D2180CFC6F", "EDC6276764C331FE5381EE2663A1BD78777530A7E872A848558618A96CEAAD79", "EE5C640C3D724B0A683191042C2B79B2D3CE6CC7BB897CD0A728DE140A2B8121", "F2018DF6B5783A154F66D47CF61A02700B33271E5A9BF9B7EA3DF4AD976BD52B", "F4850104B196515F0840E23B8EB8ED0DA8D94CCAA1749B045F928C131FA6AF01", "F55D4F3C9972036DFFB2F86883199DDA4C73A33359FC45E50D3F6DFB8F503421", "F5A5D8AF4EBB36874AE8BAC38E2092D247AF231CDDD1BC304F11AB06056873F8", "F6A8FCCCCDFD07AD745A1DB2E59B89AC71F4BB462395AE22A36C32F72FACD220", "F7D6563C7EB9219547AC97FD5114C98BE52E7D27590CF0878A24992B862B7845", "F855B78170CBBCBA7D7DBF1947BDE557744E2A369D992EAF183B091303D12237", "F8949F00CDCE086FCFA5F40AFADF9DB9E3B4DD10AB910034C41279EA96313C2A", "FAC2E61F8B4984732B830598A869C358191C10CF0F9FF4B72A638A18000FD99C", "FDB25CBB83443FCE9CA14265E682FC07B396DB11570579DC63B2D4B3F0D307DF"]}, {"type": "ics", "idList": ["ICSA-23-131-05", "ICSA-23-143-01"]}, {"type": "mageia", "idList": ["MGASA-2022-0262", "MGASA-2022-0267", "MGASA-2022-0273", "MGASA-2022-0283", "MGASA-2022-0337", "MGASA-2022-0356", "MGASA-2022-0365", "MGASA-2022-0377", "MGASA-2022-0409", "MGASA-2022-0410", "MGASA-2022-0412", "MGASA-2022-0414", "MGASA-2022-0427", "MGASA-2022-0429", "MGASA-2022-0473", "MGASA-2023-0031"]}, {"type": "nessus", "idList": ["AIX_IJ45056.NASL", "AIX_IJ45059.NASL", "AIX_IJ45060.NASL", "AL2022_ALAS2022-2022-094.NASL", "AL2022_ALAS2022-2022-128.NASL", "AL2022_ALAS2022-2022-144.NASL", "AL2022_ALAS2022-2022-183.NASL", "AL2022_ALAS2022-2022-192.NASL", "AL2022_ALAS2022-2022-193.NASL", "AL2022_ALAS2022-2022-194.NASL", "AL2022_ALAS2022-2022-239.NASL", "AL2022_ALAS2022-2022-240.NASL", "AL2022_ALAS2022-2022-257.NASL", "AL2022_ALAS2022-2022-258.NASL", "AL2022_ALAS2022-2022-260.NASL", "AL2022_ALAS2022-2022-261.NASL", "AL2022_ALAS2022-2023-266.NASL", "AL2023_ALAS2023-2023-046.NASL", "AL2023_ALAS2023-2023-047.NASL", "AL2023_ALAS2023-2023-048.NASL", "AL2023_ALAS2023-2023-050.NASL", "AL2023_ALAS2023-2023-058.NASL", "AL2023_ALAS2023-2023-067.NASL", "AL2023_ALAS2023-2023-089.NASL", "AL2023_ALAS2023-2023-096.NASL", "AL2023_ALAS2023-2023-097.NASL", "AL2023_ALAS2023-2023-100.NASL", "AL2023_ALAS2023-2023-107.NASL", "AL2023_ALAS2023-2023-175.NASL", "AL2_ALAS-2022-1838.NASL", "AL2_ALAS-2022-1846.NASL", "AL2_ALAS-2022-1847.NASL", "AL2_ALAS-2022-1851.NASL", "AL2_ALAS-2022-1858.NASL", "AL2_ALAS-2022-1859.NASL", "AL2_ALAS-2022-1860.NASL", "AL2_ALAS-2022-1861.NASL", "AL2_ALAS-2022-1862.NASL", "AL2_ALAS-2022-1863.NASL", "AL2_ALAS-2022-1864.NASL", "AL2_ALAS-2022-1865.NASL", "AL2_ALAS-2022-1872.NASL", "AL2_ALAS-2022-1885.NASL", "AL2_ALAS-2022-1887.NASL", "AL2_ALAS-2022-1899.NASL", "AL2_ALAS-2023-1908.NASL", "AL2_ALAS-2023-1911.NASL", "AL2_ALAS-2023-1913.NASL", "AL2_ALAS-2023-1926.NASL", "AL2_ALAS-2023-1962.NASL", "AL2_ALAS-2023-1996.NASL", "AL2_ALAS-2023-2006.NASL", "AL2_ALAS-2023-2015.NASL", "AL2_ALASDOCKER-2022-020.NASL", "AL2_ALASDOCKER-2022-021.NASL", "ALA_ALAS-2022-1635.NASL", "ALA_ALAS-2022-1647.NASL", "ALA_ALAS-2022-1655.NASL", "ALA_ALAS-2023-1693.NASL", "ALA_ALAS-2023-1730.NASL", "ALA_ALAS-2023-1731.NASL", "ALA_ALAS-2023-1743.NASL", "ALMA_LINUX_ALSA-2022-5775.NASL", "ALMA_LINUX_ALSA-2022-5799.NASL", "ALMA_LINUX_ALSA-2022-7129.NASL", "ALMA_LINUX_ALSA-2022-7519.NASL", "ALMA_LINUX_ALSA-2022-7529.NASL", "ALMA_LINUX_ALSA-2022-7548.NASL", "ALMA_LINUX_ALSA-2022-7648.NASL", "ALMA_LINUX_ALSA-2022-7950.NASL", "ALMA_LINUX_ALSA-2022-8057.NASL", "ALMA_LINUX_ALSA-2022-8098.NASL", "ALMA_LINUX_ALSA-2022-8250.NASL", "ALMA_LINUX_ALSA-2023-0095.NASL", "ALMA_LINUX_ALSA-2023-0096.NASL", "ALMA_LINUX_ALSA-2023-0100.NASL", "ALMA_LINUX_ALSA-2023-0103.NASL", "ALMA_LINUX_ALSA-2023-0110.NASL", "ALMA_LINUX_ALSA-2023-0116.NASL", "ALMA_LINUX_ALSA-2023-0173.NASL", "ALMA_LINUX_ALSA-2023-0302.NASL", "ALMA_LINUX_ALSA-2023-0328.NASL", "ALMA_LINUX_ALSA-2023-0335.NASL", "ALMA_LINUX_ALSA-2023-0336.NASL", "ALMA_LINUX_ALSA-2023-0337.NASL", "ALMA_LINUX_ALSA-2023-0338.NASL", "ALMA_LINUX_ALSA-2023-0339.NASL", "ALMA_LINUX_ALSA-2023-0343.NASL", "ALMA_LINUX_ALSA-2023-0379.NASL", "ALMA_LINUX_ALSA-2023-0383.NASL", "ALMA_LINUX_ALSA-2023-0446.NASL", "ALMA_LINUX_ALSA-2023-2167.NASL", "ALMA_LINUX_ALSA-2023-2177.NASL", "ALMA_LINUX_ALSA-2023-2193.NASL", "ALMA_LINUX_ALSA-2023-2204.NASL", "ALMA_LINUX_ALSA-2023-2222.NASL", "ALMA_LINUX_ALSA-2023-2236.NASL", "ALMA_LINUX_ALSA-2023-2253.NASL", "ALMA_LINUX_ALSA-2023-2282.NASL", "ALMA_LINUX_ALSA-2023-2283.NASL", "ALMA_LINUX_ALSA-2023-2357.NASL", "ALMA_LINUX_ALSA-2023-2367.NASL", "ALMA_LINUX_ALSA-2023-2592.NASL", "ALMA_LINUX_ALSA-2023-2758.NASL", "ALMA_LINUX_ALSA-2023-2780.NASL", "ALMA_LINUX_ALSA-2023-2784.NASL", "ALMA_LINUX_ALSA-2023-2785.NASL", "ALMA_LINUX_ALSA-2023-2802.NASL", "ALMA_LINUX_ALSA-2023-2866.NASL", "APPLETV_16_2.NASL", "APPLE_IOS_1611_CHECK.NBIN", "CENTOS8_RHSA-2022-5775.NASL", "CENTOS8_RHSA-2022-7519.NASL", "CENTOS8_RHSA-2022-7529.NASL", "CENTOS8_RHSA-2022-7548.NASL", "CENTOS8_RHSA-2022-7648.NASL", "CENTOS8_RHSA-2023-0446.NASL", "CENTOS8_RHSA-2023-2758.NASL", "CENTOS8_RHSA-2023-2780.NASL", "CENTOS8_RHSA-2023-2784.NASL", "CENTOS8_RHSA-2023-2785.NASL", "CENTOS8_RHSA-2023-2802.NASL", "CENTOS8_RHSA-2023-2866.NASL", "CENTOS_RHSA-2023-0377.NASL", "DEBIAN_DLA-3142.NASL", "DEBIAN_DLA-3165.NASL", "DEBIAN_DLA-3172.NASL", "DEBIAN_DLA-3263.NASL", "DEBIAN_DLA-3278.NASL", "DEBIAN_DSA-5250.NASL", "DEBIAN_DSA-5266.NASL", "DEBIAN_DSA-5271.NASL", "DEBIAN_DSA-5333.NASL", "EULEROS_SA-2022-2288.NASL", "EULEROS_SA-2022-2317.NASL", "EULEROS_SA-2022-2443.NASL", "EULEROS_SA-2022-2469.NASL", "EULEROS_SA-2022-2651.NASL", "EULEROS_SA-2022-2657.NASL", "EULEROS_SA-2022-2668.NASL", "EULEROS_SA-2022-2683.NASL", "EULEROS_SA-2022-2689.NASL", "EULEROS_SA-2022-2700.NASL", "EULEROS_SA-2022-2710.NASL", "EULEROS_SA-2022-2731.NASL", "EULEROS_SA-2022-2735.NASL", "EULEROS_SA-2022-2744.NASL", "EULEROS_SA-2022-2766.NASL", "EULEROS_SA-2022-2770.NASL", "EULEROS_SA-2022-2779.NASL", "EULEROS_SA-2022-2791.NASL", "EULEROS_SA-2022-2795.NASL", "EULEROS_SA-2022-2799.NASL", "EULEROS_SA-2022-2800.NASL", "EULEROS_SA-2022-2822.NASL", "EULEROS_SA-2022-2825.NASL", "EULEROS_SA-2022-2847.NASL", "EULEROS_SA-2022-2850.NASL", "EULEROS_SA-2022-2909.NASL", "EULEROS_SA-2022-2920.NASL", "EULEROS_SA-2022-2935.NASL", "EULEROS_SA-2022-2946.NASL", "EULEROS_SA-2023-1006.NASL", "EULEROS_SA-2023-1008.NASL", "EULEROS_SA-2023-1010.NASL", "EULEROS_SA-2023-1013.NASL", "EULEROS_SA-2023-1014.NASL", "EULEROS_SA-2023-1016.NASL", "EULEROS_SA-2023-1023.NASL", "EULEROS_SA-2023-1031.NASL", "EULEROS_SA-2023-1033.NASL", "EULEROS_SA-2023-1035.NASL", "EULEROS_SA-2023-1038.NASL", "EULEROS_SA-2023-1039.NASL", "EULEROS_SA-2023-1041.NASL", "EULEROS_SA-2023-1048.NASL", "EULEROS_SA-2023-1096.NASL", "EULEROS_SA-2023-1098.NASL", "EULEROS_SA-2023-1100.NASL", "EULEROS_SA-2023-1103.NASL", "EULEROS_SA-2023-1104.NASL", "EULEROS_SA-2023-1106.NASL", "EULEROS_SA-2023-1115.NASL", "EULEROS_SA-2023-1120.NASL", "EULEROS_SA-2023-1122.NASL", "EULEROS_SA-2023-1124.NASL", "EULEROS_SA-2023-1127.NASL", "EULEROS_SA-2023-1128.NASL", "EULEROS_SA-2023-1130.NASL", "EULEROS_SA-2023-1139.NASL", "EULEROS_SA-2023-1149.NASL", "EULEROS_SA-2023-1170.NASL", "EULEROS_SA-2023-1196.NASL", "EULEROS_SA-2023-1205.NASL", "EULEROS_SA-2023-1226.NASL", "EULEROS_SA-2023-1235.NASL", "EULEROS_SA-2023-1311.NASL", "EULEROS_SA-2023-1325.NASL", "EULEROS_SA-2023-1329.NASL", "EULEROS_SA-2023-1339.NASL", "EULEROS_SA-2023-1352.NASL", "EULEROS_SA-2023-1355.NASL", "EULEROS_SA-2023-1357.NASL", "EULEROS_SA-2023-1362.NASL", "EULEROS_SA-2023-1365.NASL", "EULEROS_SA-2023-1374.NASL", "EULEROS_SA-2023-1380.NASL", "EULEROS_SA-2023-1383.NASL", "EULEROS_SA-2023-1385.NASL", "EULEROS_SA-2023-1390.NASL", "EULEROS_SA-2023-1393.NASL", "EULEROS_SA-2023-1402.NASL", "EULEROS_SA-2023-1442.NASL", "EULEROS_SA-2023-1450.NASL", "EULEROS_SA-2023-1467.NASL", "EULEROS_SA-2023-1475.NASL", "EULEROS_SA-2023-1494.NASL", "EULEROS_SA-2023-1497.NASL", "EULEROS_SA-2023-1505.NASL", "EULEROS_SA-2023-1509.NASL", "EULEROS_SA-2023-1510.NASL", "EULEROS_SA-2023-1524.NASL", "EULEROS_SA-2023-1531.NASL", "EULEROS_SA-2023-1549.NASL", "EULEROS_SA-2023-1556.NASL", "EULEROS_SA-2023-1573.NASL", "EULEROS_SA-2023-1583.NASL", "EULEROS_SA-2023-1615.NASL", "EULEROS_SA-2023-1621.NASL", "EULEROS_SA-2023-1623.NASL", "EULEROS_SA-2023-1624.NASL", "EULEROS_SA-2023-1626.NASL", "EULEROS_SA-2023-1632.NASL", "EULEROS_SA-2023-1641.NASL", "EULEROS_SA-2023-1642.NASL", "EULEROS_SA-2023-1655.NASL", "EULEROS_SA-2023-1657.NASL", "EULEROS_SA-2023-1658.NASL", "EULEROS_SA-2023-1660.NASL", "EULEROS_SA-2023-1666.NASL", "EULEROS_SA-2023-1675.NASL", "EULEROS_SA-2023-1676.NASL", "EULEROS_SA-2023-1702.NASL", "EULEROS_SA-2023-1718.NASL", "EULEROS_SA-2023-1740.NASL", "EULEROS_SA-2023-1762.NASL", "EULEROS_SA-2023-1784.NASL", "EULEROS_SA-2023-1885.NASL", "EULEROS_SA-2023-1888.NASL", "EULEROS_SA-2023-1891.NASL", "EULEROS_SA-2023-1893.NASL", "EULEROS_SA-2023-1906.NASL", "EULEROS_SA-2023-1911.NASL", "EULEROS_SA-2023-1916.NASL", "EULEROS_SA-2023-1919.NASL", "EULEROS_SA-2023-1922.NASL", "EULEROS_SA-2023-1924.NASL", "EULEROS_SA-2023-1937.NASL", "EULEROS_SA-2023-1942.NASL", "F5_BIGIP_SOL000130512.NASL", "FEDORA_2022-061F857481.NASL", "FEDORA_2022-076544C8AA.NASL", "FEDORA_2022-0E313CC582.NASL", "FEDORA_2022-2004702D98.NASL", "FEDORA_2022-3C933FFACA.NASL", "FEDORA_2022-3CF0E7EBC7.NASL", "FEDORA_2022-3F9EE1AD91.NASL", "FEDORA_2022-49DB80F821.NASL", "FEDORA_2022-7A963A79D1.NASL", "FEDORA_2022-8AC4104A02.NASL", "FEDORA_2022-AE2559A8F4.NASL", "FEDORA_2022-AEAFD24818.NASL", "FEDORA_2022-C43235716E.NASL", "FEDORA_2023-0C354A3F9A.NASL", "FEDORA_2023-0FFF8BC164.NASL", "FEDORA_2023-18FD476362.NASL", "FEDORA_2023-1BD07375A7.NASL", "FEDORA_2023-2663DC67D8.NASL", "FEDORA_2023-267503A090.NASL", "FEDORA_2023-2DF9D60E4C.NASL", "FEDORA_2023-322314AD50.NASL", "FEDORA_2023-3DBA09F630.NASL", "FEDORA_2023-49DBEB6B03.NASL", "FEDORA_2023-4E2068BA5D.NASL", "FEDORA_2023-5ECA6A8326.NASL", "FEDORA_2023-62CE942E75.NASL", "FEDORA_2023-6550D9323B.NASL", "FEDORA_2023-6D71FF268E.NASL", "FEDORA_2023-70EB8BA61E.NASL", "FEDORA_2023-76D18CF2FA.NASL", "FEDORA_2023-8B700042AC.NASL", "FEDORA_2023-8C02AEE138.NASL", "FEDORA_2023-8ECC0E487E.NASL", "FEDORA_2023-ABB47E24D8.NASL", "FEDORA_2023-C0149844E2.NASL", "FEDORA_2023-C9B2182A4E.NASL", "FEDORA_2023-CA444FDECF.NASL", "FEDORA_2023-CB3A59A3DF.NASL", "FEDORA_2023-CE8943223C.NASL", "FEDORA_2023-E8C27BA884.NASL", "FEDORA_2023-EE472C698C.NASL", "FEDORA_2023-F4BD7AB2F7.NASL", "FREEBSD_PKG_38F213B68F3D406791EFBF14DE7BA518.NASL", "FREEBSD_PKG_6F5192F575A711ED83C0411D43CE7FE4.NASL", "FREEBSD_PKG_6FEA71032EA411EDB4033DAE8AC60D3E.NASL", "FREEBSD_PKG_7F8D5435125A11ED9A6910C37B4AC2EA.NASL", "FREEBSD_PKG_854C2AFB442411EDAF97ADCABF310F9B.NASL", "FREEBSD_PKG_A4F2416C02A011EDB81710C37B4AC2EA.NASL", "GENTOO_GLSA-202208-02.NASL", "GENTOO_GLSA-202209-26.NASL", "GENTOO_GLSA-202210-14.NASL", "GENTOO_GLSA-202210-38.NASL", "GENTOO_GLSA-202210-39.NASL", "GENTOO_GLSA-202210-40.NASL", "GENTOO_GLSA-202305-08.NASL", "GENTOO_GLSA-202305-15.NASL", "IBM_COGNOS_6828527.NASL", "MACOS_HT213504.NASL", "MACOS_HT213533.NASL", "MACOS_HT213534.NASL", "MARINER_GOLANG_CVE-2022-41717.NASL", "MARINER_LIBTIFF_CVE-2022-2056.NASL", "MARINER_LIBTIFF_CVE-2022-2057.NASL", "MARINER_LIBTIFF_CVE-2022-2058.NASL", "MARINER_LIBTIFF_CVE-2022-2953.NASL", "MARINER_LIBXML2_CVE-2022-40303.NASL", "MARINER_SYSTEMD_CVE-2022-3821.NASL", "NESSUS_TNS-2022-23.NASL", "NESSUS_TNS-2022-24.NASL", "NESSUS_TNS-2022-26.NASL", "NEWSTART_CGSL_NS-SA-2023-0030_SYSTEMD.NASL", "ORACLELINUX_ELSA-2022-10033.NASL", "ORACLELINUX_ELSA-2022-10034.NASL", "ORACLELINUX_ELSA-2022-10035.NASL", "ORACLELINUX_ELSA-2022-10036.NASL", "ORACLELINUX_ELSA-2022-20693.NASL", "ORACLELINUX_ELSA-2022-20694.NASL", "ORACLELINUX_ELSA-2022-23681.NASL", "ORACLELINUX_ELSA-2022-24267.NASL", "ORACLELINUX_ELSA-2022-5775.NASL", "ORACLELINUX_ELSA-2022-5799.NASL", "ORACLELINUX_ELSA-2022-7129.NASL", "ORACLELINUX_ELSA-2022-7519.NASL", "ORACLELINUX_ELSA-2022-7529.NASL", "ORACLELINUX_ELSA-2022-7548.NASL", "ORACLELINUX_ELSA-2022-7648.NASL", "ORACLELINUX_ELSA-2022-7950.NASL", "ORACLELINUX_ELSA-2022-8057.NASL", "ORACLELINUX_ELSA-2022-8250.NASL", "ORACLELINUX_ELSA-2022-9853.NASL", "ORACLELINUX_ELSA-2022-9854.NASL", "ORACLELINUX_ELSA-2022-9855.NASL", "ORACLELINUX_ELSA-2022-9856.NASL", "ORACLELINUX_ELSA-2023-0095.NASL", "ORACLELINUX_ELSA-2023-0096.NASL", "ORACLELINUX_ELSA-2023-0100.NASL", "ORACLELINUX_ELSA-2023-0103.NASL", "ORACLELINUX_ELSA-2023-0110.NASL", "ORACLELINUX_ELSA-2023-0116.NASL", "ORACLELINUX_ELSA-2023-0173.NASL", "ORACLELINUX_ELSA-2023-0302.NASL", "ORACLELINUX_ELSA-2023-0328.NASL", "ORACLELINUX_ELSA-2023-0335.NASL", "ORACLELINUX_ELSA-2023-0336.NASL", "ORACLELINUX_ELSA-2023-0337.NASL", "ORACLELINUX_ELSA-2023-0338.NASL", "ORACLELINUX_ELSA-2023-0339.NASL", "ORACLELINUX_ELSA-2023-0343.NASL", "ORACLELINUX_ELSA-2023-0377.NASL", "ORACLELINUX_ELSA-2023-0379.NASL", "ORACLELINUX_ELSA-2023-0383.NASL", "ORACLELINUX_ELSA-2023-0446.NASL", "ORACLELINUX_ELSA-2023-18908.NASL", "ORACLELINUX_ELSA-2023-2167.NASL", "ORACLELINUX_ELSA-2023-2177.NASL", "ORACLELINUX_ELSA-2023-2204.NASL", "ORACLELINUX_ELSA-2023-2222.NASL", "ORACLELINUX_ELSA-2023-2253.NASL", "ORACLELINUX_ELSA-2023-2282.NASL", "ORACLELINUX_ELSA-2023-2283.NASL", "ORACLELINUX_ELSA-2023-2357.NASL", "ORACLELINUX_ELSA-2023-2367.NASL", "ORACLELINUX_ELSA-2023-2592.NASL", "ORACLELINUX_ELSA-2023-2758.NASL", "ORACLELINUX_ELSA-2023-2780.NASL", "ORACLELINUX_ELSA-2023-2784.NASL", "ORACLELINUX_ELSA-2023-2785.NASL", "ORACLELINUX_ELSA-2023-2802.NASL", "ORACLELINUX_ELSA-2023-2866.NASL", "ORACLE_HTTP_SERVER_CPU_APR_2023.NASL", "REDHAT-RHSA-2022-5775.NASL", "REDHAT-RHSA-2022-5799.NASL", "REDHAT-RHSA-2022-5866.NASL", "REDHAT-RHSA-2022-6061.NASL", "REDHAT-RHSA-2022-6062.NASL", "REDHAT-RHSA-2022-6065.NASL", "REDHAT-RHSA-2022-6066.NASL", "REDHAT-RHSA-2022-7129.NASL", "REDHAT-RHSA-2022-7519.NASL", "REDHAT-RHSA-2022-7529.NASL", "REDHAT-RHSA-2022-7548.NASL", "REDHAT-RHSA-2022-7648.NASL", "REDHAT-RHSA-2022-7950.NASL", "REDHAT-RHSA-2022-8057.NASL", "REDHAT-RHSA-2022-8098.NASL", "REDHAT-RHSA-2022-8250.NASL", "REDHAT-RHSA-2022-8534.NASL", "REDHAT-RHSA-2022-8626.NASL", "REDHAT-RHSA-2022-8812.NASL", "REDHAT-RHSA-2022-8977.NASL", "REDHAT-RHSA-2023-0095.NASL", "REDHAT-RHSA-2023-0096.NASL", "REDHAT-RHSA-2023-0100.NASL", "REDHAT-RHSA-2023-0103.NASL", "REDHAT-RHSA-2023-0110.NASL", "REDHAT-RHSA-2023-0116.NASL", "REDHAT-RHSA-2023-0173.NASL", "REDHAT-RHSA-2023-0302.NASL", "REDHAT-RHSA-2023-0328.NASL", "REDHAT-RHSA-2023-0335.NASL", "REDHAT-RHSA-2023-0336.NASL", "REDHAT-RHSA-2023-0337.NASL", "REDHAT-RHSA-2023-0338.NASL", "REDHAT-RHSA-2023-0339.NASL", "REDHAT-RHSA-2023-0343.NASL", "REDHAT-RHSA-2023-0377.NASL", "REDHAT-RHSA-2023-0378.NASL", "REDHAT-RHSA-2023-0379.NASL", "REDHAT-RHSA-2023-0380.NASL", "REDHAT-RHSA-2023-0381.NASL", "REDHAT-RHSA-2023-0382.NASL", "REDHAT-RHSA-2023-0383.NASL", "REDHAT-RHSA-2023-0384.NASL", "REDHAT-RHSA-2023-0445.NASL", "REDHAT-RHSA-2023-0446.NASL", "REDHAT-RHSA-2023-2167.NASL", "REDHAT-RHSA-2023-2177.NASL", "REDHAT-RHSA-2023-2193.NASL", "REDHAT-RHSA-2023-2204.NASL", "REDHAT-RHSA-2023-2222.NASL", "REDHAT-RHSA-2023-2236.NASL", "REDHAT-RHSA-2023-2253.NASL", "REDHAT-RHSA-2023-2282.NASL", "REDHAT-RHSA-2023-2283.NASL", "REDHAT-RHSA-2023-2357.NASL", "REDHAT-RHSA-2023-2367.NASL", "REDHAT-RHSA-2023-2592.NASL", "REDHAT-RHSA-2023-2758.NASL", "REDHAT-RHSA-2023-2780.NASL", "REDHAT-RHSA-2023-2784.NASL", "REDHAT-RHSA-2023-2785.NASL", "REDHAT-RHSA-2023-2802.NASL", "REDHAT-RHSA-2023-2866.NASL", "ROCKY_LINUX_RLSA-2022-5799.NASL", "ROCKY_LINUX_RLSA-2022-7129.NASL", "ROCKY_LINUX_RLSA-2022-7950.NASL", "ROCKY_LINUX_RLSA-2022-8057.NASL", "ROCKY_LINUX_RLSA-2022-8098.NASL", "SIEMENS_SINEC_NMS_1_0_3_1.NASL", "SLACKWARE_SSA_2022-298-01.NASL", "SLACKWARE_SSA_2022-341-01.NASL", "SLACKWARE_SSA_2023-003-01.NASL", "SLACKWARE_SSA_2023-018-03.NASL", "SOLARIS_JAN2023_SRU11_4_53_132_2.NASL", "SUSE_SU-2022-2647-1.NASL", "SUSE_SU-2022-2648-1.NASL", "SUSE_SU-2022-2671-1.NASL", "SUSE_SU-2022-2672-1.NASL", "SUSE_SU-2022-3307-1.NASL", "SUSE_SU-2022-3307-2.NASL", "SUSE_SU-2022-3325-1.NASL", "SUSE_SU-2022-3326-1.NASL", "SUSE_SU-2022-3401-1.NASL", "SUSE_SU-2022-3668-1.NASL", "SUSE_SU-2022-3669-1.NASL", "SUSE_SU-2022-3679-1.NASL", "SUSE_SU-2022-3690-1.NASL", "SUSE_SU-2022-3692-1.NASL", "SUSE_SU-2022-3717-1.NASL", "SUSE_SU-2022-3784-1.NASL", "SUSE_SU-2022-3797-1.NASL", "SUSE_SU-2022-3804-1.NASL", "SUSE_SU-2022-3805-1.NASL", "SUSE_SU-2022-3806-1.NASL", "SUSE_SU-2022-3817-1.NASL", "SUSE_SU-2022-3871-1.NASL", "SUSE_SU-2022-3874-1.NASL", "SUSE_SU-2022-3884-1.NASL", "SUSE_SU-2022-3912-1.NASL", "SUSE_SU-2022-3999-1.NASL", "SUSE_SU-2022-4056-1.NASL", "SUSE_SU-2022-4279-1.NASL", "SUSE_SU-2022-4295-1.NASL", "SUSE_SU-2022-4397-1.NASL", "SUSE_SU-2022-4398-1.NASL", "SUSE_SU-2023-0165-1.NASL", "SUSE_SU-2023-0171-1.NASL", "SUSE_SU-2023-1776-1.NASL", "SUSE_SU-2023-2182-1.NASL", "SUSE_SU-2023-2183-1.NASL", "SUSE_SU-2023-2187-1.NASL", "SUSE_SU-2023-2292-1.NASL", "SUSE_SU-2023-2312-1.NASL", "UBUNTU_USN-5604-1.NASL", "UBUNTU_USN-5619-1.NASL", "UBUNTU_USN-5638-2.NASL", "UBUNTU_USN-5638-3.NASL", "UBUNTU_USN-5704-1.NASL", "UBUNTU_USN-5707-1.NASL", "UBUNTU_USN-5712-1.NASL", "UBUNTU_USN-5714-1.NASL", "UBUNTU_USN-5716-1.NASL", "UBUNTU_USN-5760-1.NASL", "UBUNTU_USN-5760-2.NASL", "UBUNTU_USN-5807-1.NASL", "UBUNTU_USN-5807-2.NASL", "UBUNTU_USN-5873-1.NASL", "UBUNTU_USN-5928-1.NASL", "UBUNTU_USN-6038-1.NASL"]}, {"type": "oracle", "idList": ["ORACLE:CPUAPR2023", "ORACLE:CPUJAN2023", "ORACLE:CPUOCT2022"]}, {"type": "oraclelinux", "idList": ["ELSA-2022-10033", "ELSA-2022-10034", "ELSA-2022-10035", "ELSA-2022-10036", "ELSA-2022-20693", "ELSA-2022-20694", "ELSA-2022-23681", "ELSA-2022-24267", "ELSA-2022-5775", "ELSA-2022-5799", "ELSA-2022-7129", "ELSA-2022-7519", "ELSA-2022-7529", "ELSA-2022-7548", "ELSA-2022-7648", "ELSA-2022-7950", "ELSA-2022-8057", "ELSA-2022-8250", "ELSA-2022-9853", "ELSA-2022-9854", "ELSA-2022-9855", "ELSA-2022-9856", "ELSA-2023-0095", "ELSA-2023-0096", "ELSA-2023-0100", "ELSA-2023-0103", "ELSA-2023-0110", "ELSA-2023-0116", "ELSA-2023-0173", "ELSA-2023-0302", "ELSA-2023-0328", "ELSA-2023-0335", "ELSA-2023-0336", "ELSA-2023-0337", "ELSA-2023-0338", "ELSA-2023-0339", "ELSA-2023-0343", "ELSA-2023-0377", "ELSA-2023-0379", "ELSA-2023-0383", "ELSA-2023-0446", "ELSA-2023-18908", "ELSA-2023-2167", "ELSA-2023-2177", "ELSA-2023-2204", "ELSA-2023-2222", "ELSA-2023-2253", "ELSA-2023-2282", "ELSA-2023-2283", "ELSA-2023-2357", "ELSA-2023-2367", "ELSA-2023-2592", "ELSA-2023-2758", "ELSA-2023-2780", "ELSA-2023-2784", "ELSA-2023-2785", "ELSA-2023-2802", "ELSA-2023-2866"]}, {"type": "osv", "idList": ["OSV:CVE-2021-46848", "OSV:CVE-2022-2056", "OSV:CVE-2022-2057", "OSV:CVE-2022-2058", "OSV:CVE-2022-2519", "OSV:CVE-2022-2520", "OSV:CVE-2022-2521", "OSV:CVE-2022-2867", "OSV:CVE-2022-2868", "OSV:CVE-2022-2869", "OSV:CVE-2022-2953", "OSV:CVE-2022-35737", "OSV:CVE-2022-40303", "OSV:CVE-2022-40304", "OSV:CVE-2022-42010", "OSV:CVE-2022-42011", "OSV:CVE-2022-42012", "OSV:CVE-2022-43680", "OSV:CVE-2022-44617", "OSV:CVE-2022-46285", "OSV:CVE-2022-4883", "OSV:DLA-3142-1", "OSV:DLA-3165-1", "OSV:DLA-3172-1", "OSV:DLA-3263-1", "OSV:DLA-3278-1", "OSV:DSA-5250-1", "OSV:DSA-5266-1", "OSV:DSA-5271-1", "OSV:DSA-5333-1", "OSV:GHSA-2394-5535-8J88", "OSV:GHSA-2QC6-MCVW-92CW", "OSV:GHSA-69CG-P879-7622", "OSV:GHSA-FWR7-V2MV-HH25", "OSV:GHSA-HMFX-3PCX-653P", "OSV:GHSA-PHJR-8J92-W5V7", "OSV:GHSA-R88R-GMRH-7J83", "OSV:GHSA-XRJJ-MJ9H-534M", "OSV:GO-2021-0061", "OSV:GO-2022-0520", "OSV:GO-2022-0524", "OSV:GO-2022-0969", "OSV:GO-2022-0988", "OSV:GO-2022-1037", "OSV:GO-2022-1038", "OSV:GO-2022-1039", "OSV:GO-2022-1059", "OSV:GO-2022-1144", "OSV:RUSTSEC-2022-0090"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:169825", "PACKETSTORM:170620"]}, {"type": "photon", "idList": ["PHSA-2022-0214", "PHSA-2022-0242", "PHSA-2022-0245", "PHSA-2022-0263", "PHSA-2022-0271", "PHSA-2022-0273", "PHSA-2022-0293", "PHSA-2022-0305", "PHSA-2022-0421", "PHSA-2022-0496", "PHSA-2022-0512", "PHSA-2022-0518", "PHSA-2022-0519", "PHSA-2022-0533", "PHSA-2022-0534", "PHSA-2022-0546", "PHSA-2022-3.0-0421", "PHSA-2022-3.0-0445", "PHSA-2022-3.0-0451", "PHSA-2022-3.0-0455", "PHSA-2022-3.0-0470", "PHSA-2022-3.0-0478", "PHSA-2022-3.0-0479", "PHSA-2022-3.0-0480", "PHSA-2022-3.0-0487", "PHSA-2022-3.0-0499", "PHSA-2022-3.0-0509", "PHSA-2022-4.0-0214", "PHSA-2022-4.0-0242", "PHSA-2022-4.0-0245", "PHSA-2022-4.0-0263", "PHSA-2022-4.0-0271", "PHSA-2022-4.0-0273", "PHSA-2022-4.0-0293", "PHSA-2022-4.0-0305", "PHSA-2023-3.0-0559", "PHSA-2023-4.0-0310", "PHSA-2023-4.0-0364"]}, {"type": "redhat", "idList": ["RHSA-2022:5775", "RHSA-2022:5799", "RHSA-2022:5866", "RHSA-2022:5875", "RHSA-2022:5879", "RHSA-2022:5923", "RHSA-2022:5924", "RHSA-2022:6040", "RHSA-2022:6042", "RHSA-2022:6051", "RHSA-2022:6053", "RHSA-2022:6061", "RHSA-2022:6062", "RHSA-2022:6065", "RHSA-2022:6066", "RHSA-2022:6103", "RHSA-2022:6113", "RHSA-2022:6152", "RHSA-2022:6182", "RHSA-2022:6183", "RHSA-2022:6184", "RHSA-2022:6187", "RHSA-2022:6188", "RHSA-2022:6262", "RHSA-2022:6283", "RHSA-2022:6290", "RHSA-2022:6308", "RHSA-2022:6344", "RHSA-2022:6345", "RHSA-2022:6346", "RHSA-2022:6347", "RHSA-2022:6348", "RHSA-2022:6370", "RHSA-2022:6429", "RHSA-2022:6430", "RHSA-2022:6517", "RHSA-2022:6560", "RHSA-2022:6714", "RHSA-2022:6882", "RHSA-2022:7129", "RHSA-2022:7398", "RHSA-2022:7399", "RHSA-2022:7401", "RHSA-2022:7407", "RHSA-2022:7434", "RHSA-2022:7435", "RHSA-2022:7519", "RHSA-2022:7529", "RHSA-2022:7548", "RHSA-2022:7648", "RHSA-2022:7950", "RHSA-2022:8057", "RHSA-2022:8098", "RHSA-2022:8250", "RHSA-2022:8534", "RHSA-2022:8535", "RHSA-2022:8626", "RHSA-2022:8634", "RHSA-2022:8781", "RHSA-2022:8812", "RHSA-2022:8841", "RHSA-2022:8893", "RHSA-2022:8977", "RHSA-2022:9047", "RHSA-2022:9096", "RHSA-2023:0069", "RHSA-2023:0095", "RHSA-2023:0096", "RHSA-2023:0100", "RHSA-2023:0103", "RHSA-2023:0110", "RHSA-2023:0116", "RHSA-2023:0173", "RHSA-2023:0264", "RHSA-2023:0302", "RHSA-2023:0328", "RHSA-2023:0335", "RHSA-2023:0336", "RHSA-2023:0337", "RHSA-2023:0338", "RHSA-2023:0339", "RHSA-2023:0343", "RHSA-2023:0377", "RHSA-2023:0378", "RHSA-2023:0379", "RHSA-2023:0380", "RHSA-2023:0381", "RHSA-2023:0382", "RHSA-2023:0383", "RHSA-2023:0384", "RHSA-2023:0407", "RHSA-2023:0408", "RHSA-2023:0445", "RHSA-2023:0446", "RHSA-2023:0466", "RHSA-2023:0467", "RHSA-2023:0468", "RHSA-2023:0470", "RHSA-2023:0481", "RHSA-2023:0542", "RHSA-2023:0569", "RHSA-2023:0570", "RHSA-2023:0584", "RHSA-2023:0630", "RHSA-2023:0631", "RHSA-2023:0632", "RHSA-2023:0633", "RHSA-2023:0634", "RHSA-2023:0692", "RHSA-2023:0708", "RHSA-2023:0709", "RHSA-2023:0727", "RHSA-2023:0728", "RHSA-2023:0769", "RHSA-2023:0772", "RHSA-2023:0774", "RHSA-2023:0786", "RHSA-2023:0794", "RHSA-2023:0795", "RHSA-2023:0802", "RHSA-2023:0803", "RHSA-2023:0804", "RHSA-2023:0899", "RHSA-2023:0918", "RHSA-2023:0930", "RHSA-2023:0931", "RHSA-2023:0932", "RHSA-2023:0934", "RHSA-2023:0977", "RHSA-2023:1030", "RHSA-2023:1042", "RHSA-2023:1047", "RHSA-2023:1079", "RHSA-2023:1154", "RHSA-2023:1174", "RHSA-2023:1179", "RHSA-2023:1181", "RHSA-2023:1268", "RHSA-2023:1275", "RHSA-2023:1276", "RHSA-2023:1286", "RHSA-2023:1310", "RHSA-2023:1325", "RHSA-2023:1328", "RHSA-2023:1329", "RHSA-2023:1428", "RHSA-2023:1448", "RHSA-2023:1529", "RHSA-2023:1655", "RHSA-2023:1656", "RHSA-2023:1816", "RHSA-2023:1817", "RHSA-2023:2041", "RHSA-2023:2177", "RHSA-2023:2193", "RHSA-2023:2204", "RHSA-2023:2222", "RHSA-2023:2282", "RHSA-2023:2728", "RHSA-2023:2758", "RHSA-2023:2780", "RHSA-2023:2784", "RHSA-2023:2785", "RHSA-2023:2802", "RHSA-2023:3204", "RHSA-2023:3205", "RHSA-2023:3216", "RHSA-2023:3296", "RHSA-2023:3355"]}, {"type": "redhatcve", "idList": ["RH:CVE-2021-4235", "RH:CVE-2021-43138", "RH:CVE-2021-46848", "RH:CVE-2022-2056", "RH:CVE-2022-2057", "RH:CVE-2022-2058", "RH:CVE-2022-2519", "RH:CVE-2022-2520", "RH:CVE-2022-2521", "RH:CVE-2022-27664", "RH:CVE-2022-2867", "RH:CVE-2022-2868", "RH:CVE-2022-2869", "RH:CVE-2022-2879", "RH:CVE-2022-2880", "RH:CVE-2022-2953", "RH:CVE-2022-2995", "RH:CVE-2022-30631", "RH:CVE-2022-3162", "RH:CVE-2022-3172", "RH:CVE-2022-32148", "RH:CVE-2022-32149", "RH:CVE-2022-32189", "RH:CVE-2022-32190", "RH:CVE-2022-3259", "RH:CVE-2022-3466", "RH:CVE-2022-35737", "RH:CVE-2022-3821", "RH:CVE-2022-40303", "RH:CVE-2022-40304", "RH:CVE-2022-41715", "RH:CVE-2022-41717", "RH:CVE-2022-42010", "RH:CVE-2022-42011", "RH:CVE-2022-42012", "RH:CVE-2022-43680", "RH:CVE-2022-44617", "RH:CVE-2022-46285", "RH:CVE-2022-4883"]}, {"type": "redos", "idList": ["ROS-20221013-01", "ROS-20221103-04", "ROS-20221110-01", "ROS-20230124-05"]}, {"type": "rocky", "idList": ["RLSA-2022:5775", "RLSA-2022:5799", "RLSA-2022:7129", "RLSA-2022:7519", "RLSA-2022:7529", "RLSA-2022:7548", "RLSA-2022:7648", "RLSA-2022:7950", "RLSA-2022:8057", "RLSA-2022:8098", "RLSA-2022:8250", "RLSA-2023:0095", "RLSA-2023:0096", "RLSA-2023:0103", "RLSA-2023:0110", "RLSA-2023:0116", "RLSA-2023:0173", "RLSA-2023:0302", "RLSA-2023:0328", "RLSA-2023:0335", "RLSA-2023:0336", "RLSA-2023:0337", "RLSA-2023:0338", "RLSA-2023:0339", "RLSA-2023:0343", "RLSA-2023:0379", "RLSA-2023:0383", "RLSA-2023:0446"]}, {"type": "rosalinux", "idList": ["ROSA-SA-2023-2096", "ROSA-SA-2023-2149"]}, {"type": "rustsec", "idList": ["RUSTSEC-2022-0090"]}, {"type": "slackware", "idList": ["SSA-2022-298-01", "SSA-2022-341-01", "SSA-2023-003-01", "SSA-2023-018-03"]}, {"type": "sqlite", "idList": ["SQLT:CVE-2022-35737"]}, {"type": "suse", "idList": ["SUSE-SU-2022:2647-1", "SUSE-SU-2022:2647-2", "SUSE-SU-2022:2671-1", "SUSE-SU-2022:2672-1", "SUSE-SU-2022:3307-1", "SUSE-SU-2022:3325-1", "SUSE-SU-2022:3326-1", "SUSE-SU-2022:3668-1", "SUSE-SU-2022:3669-1", "SUSE-SU-2022:3690-1", "SUSE-SU-2022:3692-1", "SUSE-SU-2022:3784-1", "SUSE-SU-2022:3805-1", "SUSE-SU-2022:3806-1", "SUSE-SU-2022:3871-1", "SUSE-SU-2022:3884-1", "SUSE-SU-2022:3912-1"]}, {"type": "thn", "idList": ["THN:0609724C4719D98B329E3CFBBAC9C4EB"]}, {"type": "trellix", "idList": ["TRELLIX:D11572BEEA987F8F8C27E6F40965167E"]}, {"type": "ubuntu", "idList": ["USN-5604-1", "USN-5619-1", "USN-5638-2", "USN-5638-3", "USN-5638-4", "USN-5704-1", "USN-5707-1", "USN-5712-1", "USN-5714-1", "USN-5716-1", "USN-5716-2", "USN-5760-1", "USN-5760-2", "USN-5807-1", "USN-5807-2", "USN-5873-1", "USN-5928-1", "USN-6038-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2021-4235", "UB:CVE-2021-46848", "UB:CVE-2022-2056", "UB:CVE-2022-2057", "UB:CVE-2022-2058", "UB:CVE-2022-2519", "UB:CVE-2022-2520", "UB:CVE-2022-2521", "UB:CVE-2022-27664", "UB:CVE-2022-2867", "UB:CVE-2022-2868", "UB:CVE-2022-2869", "UB:CVE-2022-2879", "UB:CVE-2022-2880", "UB:CVE-2022-2953", "UB:CVE-2022-30631", "UB:CVE-2022-3162", "UB:CVE-2022-3172", "UB:CVE-2022-32148", "UB:CVE-2022-32149", "UB:CVE-2022-32189", "UB:CVE-2022-32190", "UB:CVE-2022-35737", "UB:CVE-2022-3821", "UB:CVE-2022-40303", "UB:CVE-2022-40304", "UB:CVE-2022-41715", "UB:CVE-2022-41717", "UB:CVE-2022-42010", "UB:CVE-2022-42011", "UB:CVE-2022-42012", "UB:CVE-2022-43680", "UB:CVE-2022-44617", "UB:CVE-2022-46285", "UB:CVE-2022-4883"]}, {"type": "veracode", "idList": ["VERACODE:35003", "VERACODE:36237", "VERACODE:36238", "VERACODE:36259", "VERACODE:36442", "VERACODE:36450", "VERACODE:36480", "VERACODE:36573", "VERACODE:36734", "VERACODE:36737", "VERACODE:36739", "VERACODE:36850", "VERACODE:36876", "VERACODE:36877", "VERACODE:36904", "VERACODE:36966", "VERACODE:36979", "VERACODE:37185", "VERACODE:37197", "VERACODE:37416", "VERACODE:37417", "VERACODE:37418", "VERACODE:37557", "VERACODE:37563", "VERACODE:37564", "VERACODE:37577", "VERACODE:37593", "VERACODE:37594", "VERACODE:37678", "VERACODE:37779", "VERACODE:38028", "VERACODE:38396", "VERACODE:38692", "VERACODE:38954", "VERACODE:38962", "VERACODE:38967", "VERACODE:39056", "VERACODE:39057", "VERACODE:39058", "VERACODE:39059"]}, {"type": "zdt", "idList": ["1337DAY-ID-38064", "1337DAY-ID-38170"]}]}, "epss": [{"cve": "CVE-2021-4235", "epss": 0.00045, "percentile": 0.12417, "modified": "2023-05-02"}, {"cve": "CVE-2021-43138", "epss": 0.00057, "percentile": 0.21623, "modified": "2023-05-02"}, {"cve": "CVE-2021-46848", "epss": 0.00083, "percentile": 0.33981, "modified": "2023-05-02"}, {"cve": "CVE-2022-2056", "epss": 0.00067, "percentile": 0.27439, "modified": "2023-05-02"}, {"cve": "CVE-2022-2057", "epss": 0.00067, "percentile": 0.27439, "modified": "2023-05-02"}, {"cve": "CVE-2022-2058", "epss": 0.00067, "percentile": 0.27439, "modified": "2023-05-02"}, {"cve": "CVE-2022-2519", "epss": 0.00047, "percentile": 0.14499, "modified": "2023-05-02"}, {"cve": "CVE-2022-2520", "epss": 0.00047, "percentile": 0.14499, "modified": "2023-05-02"}, {"cve": "CVE-2022-2521", "epss": 0.00047, "percentile": 0.14499, "modified": "2023-05-02"}, {"cve": "CVE-2022-27664", "epss": 0.00075, "percentile": 0.30416, "modified": "2023-05-02"}, {"cve": "CVE-2022-2867", "epss": 0.00042, "percentile": 0.05706, "modified": "2023-05-02"}, {"cve": "CVE-2022-2868", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-2869", "epss": 0.00042, "percentile": 0.05706, "modified": "2023-05-02"}, {"cve": "CVE-2022-2879", "epss": 0.00056, "percentile": 0.21045, "modified": "2023-05-02"}, {"cve": "CVE-2022-2880", "epss": 0.00076, "percentile": 0.30743, "modified": "2023-05-02"}, {"cve": "CVE-2022-2953", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-2995", "epss": 0.00043, "percentile": 0.07019, "modified": "2023-05-02"}, {"cve": "CVE-2022-30631", "epss": 0.00056, "percentile": 0.21045, "modified": "2023-05-02"}, {"cve": "CVE-2022-3162", "epss": 0.0005, "percentile": 0.164, "modified": "2023-05-02"}, {"cve": "CVE-2022-32148", "epss": 0.00052, "percentile": 0.18171, "modified": "2023-05-02"}, {"cve": "CVE-2022-32149", "epss": 0.00059, "percentile": 0.22856, "modified": "2023-05-02"}, {"cve": "CVE-2022-32189", "epss": 0.00059, "percentile": 0.22856, "modified": "2023-05-02"}, {"cve": "CVE-2022-32190", "epss": 0.00061, "percentile": 0.24007, "modified": "2023-05-02"}, {"cve": "CVE-2022-3259", "epss": 0.00089, "percentile": 0.36673, "modified": "2023-05-02"}, {"cve": "CVE-2022-35737", "epss": 0.00076, "percentile": 0.30748, "modified": "2023-05-02"}, {"cve": "CVE-2022-3821", "epss": 0.00042, "percentile": 0.05656, "modified": "2023-05-02"}, {"cve": "CVE-2022-40303", "epss": 0.00138, "percentile": 0.4797, "modified": "2023-05-02"}, {"cve": "CVE-2022-40304", "epss": 0.00079, "percentile": 0.32388, "modified": "2023-05-02"}, {"cve": "CVE-2022-41715", "epss": 0.00059, "percentile": 0.22856, "modified": "2023-05-02"}, {"cve": "CVE-2022-41717", "epss": 0.00097, "percentile": 0.39246, "modified": "2023-05-02"}, {"cve": "CVE-2022-42010", "epss": 0.00049, "percentile": 0.15516, "modified": "2023-05-02"}, {"cve": "CVE-2022-42011", "epss": 0.00049, "percentile": 0.15516, "modified": "2023-05-02"}, {"cve": "CVE-2022-42012", "epss": 0.00049, "percentile": 0.15516, "modified": "2023-05-02"}, {"cve": "CVE-2022-43680", "epss": 0.00092, "percentile": 0.38068, "modified": "2023-05-02"}, {"cve": "CVE-2022-44617", "epss": 0.00057, "percentile": 0.21616, "modified": "2023-05-02"}, {"cve": "CVE-2022-46285", "epss": 0.0011, "percentile": 0.42702, "modified": "2023-05-02"}, {"cve": "CVE-2022-4883", "epss": 0.00067, "percentile": 0.27485, "modified": "2023-05-02"}], "vulnersScore": 7.6}, "_state": {"score": 1686064494, "dependencies": 0, "epss": 0}, "_internal": {"score_hash": "5cb64c9c1a8995e75d59547eac06784a"}, "affectedPackage": [], "vendorCvss": {"severity": "moderate"}}

{"oraclelinux": [{"lastseen": "2023-06-06T15:34:19", "description": "[4.0.9-26]\n- Fix various CVEs\n- Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521 CVE-2022-2953\n[4.0.9-25]\n- Fix CVE-2022-2867 (#2118857)\n- Fix CVE-2022-2868 (#2118882)\n- Fix CVE-2022-2869 (#2118878)\n[4.0.9-24]\n- Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058\n- Resolves: #2103222", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-12T00:00:00", "type": "oraclelinux", "title": "libtiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-01-12T00:00:00", "id": "ELSA-2023-0095", "href": "http://linux.oracle.com/errata/ELSA-2023-0095.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-06T15:34:14", "description": "[4.4.0-5]\n- Bump release\n- Resolves: CVE-2022-2953\n[4.4.0-4]\n- Resolves: CVE-2022-2519 CVE-2022-2520 CVE-2022-2521\n[4.4.0-3]\n- Fix CVE-2022-2056 CVE-2022-2057 CVE-2022-2058\n- Resolves: #2106768", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 3.6}, "published": "2023-01-24T00:00:00", "type": "oraclelinux", "title": "libtiff security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2953"], "modified": "2023-01-24T00:00:00", "id": "ELSA-2023-0302", "href": "http://linux.oracle.com/errata/ELSA-2023-0302.html", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:23:33", "description": "cockpit-composer\n[45-1.0.1]\n- Make per page documentation links point to Oracle Linux [Orabug: 32013095]\n[45-1]\n- New upstream release\n[44-1]\n- New upstream release\n[43-1]\n- New upstream release\n[42-1]\n- New upstream release\n[40-1]\n- New upstream release\n[39-1]\n- New upstream release\n[38-1]\n- New upstream release\n[37-1]\n- New upstream release\n[35-1]\n- New upstream release\n[34-1]\n- New upstream release\n[33-1]\n- Add support for OCI upload target\n- Update translations\n- Update dependencies\n[32-1]\n- Add Edge Raw, RHEL Installer, Edge Simplified Installer image types\n- Improve user account modal responsiveness\n- Update tests\n- Update minor NPM dependencies\n- Update translation files\n[31-1]\n- Add new ostree image types\n- Improve loading state when waiting for api responses\n- Improve notification system\n- Improve test stability\n- Update NPM dependencies\n- Update translations\n[29-1]\n- Add ability to upload to VMWare\n- Add support for additional ostree parameters\n- Update NPM dependencies\n- Add and update translations\n- Minor test fixes\n[28-1]\n- Use sentence case rather than title case\n- Add and update tests\n- Update translations from weblate\n- Update minor NPM dependencies\n[27-1]\n- Sync with upstream release 27\n- Add additional form validation for the Create Image Wizard\n- Improve page size dropdown styling\n- Improve error state messages\n- Update pagination component for pf4\n- Add wildcards and support for multiple values to input filter\n- Update translations\n[22.1-1]\n- Patternfly imports are standardized to be consistent with cockpit\n- Cancel image build button bug fixed\n- Empty components state provides a help message\n- Wizard component has bug fixes and is refactored for future scalability\n- Test updates\n- ESLint upgraded to version 7 and the code style is improved\n- Translation files are updated from fedora weblate\n- Cockpit-composer's dependency on osbuild-composer is more specific\n- Coverity scan is now supported to help improve code quality\n- Resolves: #1820539\n[21.1-1]\n- Support setting parameters (ref and parent) for ostree images\n- Loosen restrictions on password strength\n- Various UI refinements\n[20.1-1]\n- Migrate to the osbuild-composer backend\n- Supports uploading images to AWS and Azure\n[12.1-1]\n- Fix integration tests, external test repository URL ceased to exist\n- Translation updates rhbz#1784453\n- Add documentation URL page help menu\n[11-1]\n- Show depsolve errors on the blueprints page\n- Add labels for additional output types (rhbz#1769154)\n- Expose Image Builder on /composer, not /welder\n- Define a URL for each tab on a blueprint page\n- Provide a link in the image creation notification to the Images tab on the blueprint page\n[5-1]\n- Fix PropTypes for the homepage\n- Code clean up for the list of components\n[4-1]\n- Add additional blueprint name validation rhbz#1696415\n- Fix images not loading on refresh\n- Add notification for source repo deletion\n- Fix AppStream ID\n- Translation updates\n[2-1]\n- Strip newlines from SSH keys before saving\n- Translation updates rhbz#1689979\n[1-1]\n- New version 1\n- Translation updates rhbz#1689979\n[0.4-1]\n- New version 0.4\n- Include ability to start lorax-composer rhbz#1708387\n[0.3-1]\n- New version 0.3\n- Add/edit/remove sources\n- Remove new line in encrypted password rhbz#1655862\n- Resolve issues with changes saved to the workspace\n[0.2.1-1]\n- New version 0.2.1\n- Several fixes to User Account creation dialog\n[0.2.0-1]\n- New version 0.2.0\n- Include ability to add a user to a blueprint rhbz#1655862\n[0.1.8-1]\n- New version 0.1.8\n- Provide visual indication when a blueprint component is a dependency\n- Enable Undo to retrieve changes after the Discard Changes action\n- Update how blueprint contents are depsolved when contents are added/removed\n- Display an error if a component is added that results in a depsolve failure\n- Show all versions available for a package\n- Provide ability to specify a wildcard version for a package rhbz#1673066\n[0.1.7-1]\n- New version 0.1.7\n Resolves: rhbz#1640184\n- Capitalize OpenStack corrently in the image create dialog (anilsson)\n- Add AppStream metainfo (mpitt)\n- Make cockpit-composer the only package name (mpitt)\n- Lots of integration test improvements (henrywangxf)\n[0.1.6-1]\n- New version 0.1.6\n Resolves: rhbz#1640184\n- Include spec into release tarball (mpitt)\n- Fix a bug in importSanity test. (henrywangxf)\n- Add RHEL-X in welder-web test scenarios. (henrywangxf)\n- test: Support Cockpit test scenario (mpitt)\n- Makefile: Simplify variable defaults (mpitt)\n- A big commit to fix random failure on chrome. (henrywangxf)\n- Remove inert 'Architecture' field in 'Create Image' dialog (#388) (stefw)\n- po: Update from Fedora Zanata (lars)\n- Remove ForEach to run two test cases but use two separate cases. If there's\n one case failed, I can find it according to case name. (henrywangxf)\n- Wait for delete menu action visable before click it. (henrywangxf)\n- test: Drop node installation from vm.install (mpitt)\n- Don't clean bots/ directory for VM preparation (mpitt)\n- Two improvements: (henrywangxf)\n- Go to view blueprint page by clicking blueprint name link instead of by URL.\n That helps improving case stability. (henrywangxf)\n- Move sed to test/vm.install from test/run because developers do not normally\n use test/run to trigger tests. (henrywangxf)\n- test: Only install node if it isn't already available (mpitt)\n- Makefile: bots is not a phony target (mpitt)\n[0.1.5-1]\n- New version 0.1.5\n Related: rhbz#1613058\n- Found a code coverage bug and fix it. (henrywangxf)\n- Update README.md to support Cockpit CI. (henrywangxf)\n- Updates Create Image modal to not have a default image type (jgiardin)\n- Add support for Modules during Add/Remove (jgiardin)\n- new test: Build mock images and verify download becomes enabled (atodorov)\n- Fix flaky issue when running test on chrome (henrywangxf)\n- Add selenium debug support. (henrywangxf)\n- Creates user-friendly labels to display for image types (jgiardin)\n- Compile with code coverage enabled, collect coverage result and upload to codecov.io. (henrywangxf)\n- new test: verify stock blueprints from backend are displayed (atodorov)\n- Simplify selenium startup again (mpitt)\n- Temporarily support selenium images with and without -debug variants (mpitt)\n- Fix python string format issue (henrywangxf)\n- Remove ugly blank except in tests (henrywangxf)\n- README: We're running tests on Cockpit's CI now (lars)\n- Fix tests to not exit with non-zero code (#362) (henrywangxf)\n- Update Discard Changes to delete workspace (jgiardin)\n- Fix test case 'Then selected component icon should have border' (henrywangxf)\n- Cockpit CI Integration (henrywangxf)\n- Display modules in list of selected components (jgiardin)\n- pass blueprint data that's expected on save (jgiardin)\n- Fix /run/weldr permission issue (henrywangxf)\n- Fix end-to-end test cases (henrywangxf)\n- po: Update Japanese translations from Zanata (lars)\n[0.1.4-1]\n- New version 0.1.4\n Related: rhbz#1613058\n- Adds queue status to an infotip in the Create Image modal (jgiardin)\n- Update Create Image modal to also commit unsaved changes (jgiardin)\n- Catching a couple of minor issues (jgiardin)\n- Update Create Image modal to include blueprint object instead of just name (jgiardin)\n- Update Create Image button selector in end-to-end test (jgiardin)\n- Display warning messages to the user in Create Image modal (jgiardin)\n- use updated property key from api for date created (jgiardin)\n- translations: Fail when zanata-js is not installed (lars)\n- README.md: Add missing translations: (lars)\n- translations: remove test target (lars)\n- po: Update from Fedora Zanata (lars)\n- translations: move po files and scripts to po/ (lars)\n- translations: Strip country code when loading react-intl's locale-data (mpitt)\n- remove redundant .then(data => data) (jgiardin)\n- Add ability to stop builds that are waiting or running (jgiardin)\n- Change text from 'Delete Build' to 'Delete Image' (jgiardin)\n- Update Delete Blueprint modal to match layout of Delete Build (jgiardin)\n- Fix miscellaneous propType warnings (jgiardin)\n- Include confirmation modal for deleting a finished build (jgiardin)\n- Swap order of date and type in the Image list item details (jgiardin)\n- Add Delete action for Finished composes (jgiardin)\n- Add ability to delete Failed builds (jgiardin)\n- test_blueprints: Make blueprint selection more robust (lars)\n- Use upstream patternfly-react's Tab component (lars)\n- Changes en-dash to dash and adds spaces (jgiardin)\n- Updates based on a11y review, also simplified i18n format (jgiardin)\n- minor tweaks to improve the screen reader experience (jgiardin)\n- Makes strings translatable in pagination for available components (jgiardin)\n- Update React and enzyme (lars)\n- package.json: Use ~ instead of ^ versions for dependencies (lars)\n- Drop unused dependencies (lars)\n- package.json: update dependencies (lars)\n- Remove package-lock.json (lars)\n[0.1.3-1]\n- New version 0.1.3\n Related: rhbz#1613058\n- Update Create Image notifications (#328) (jgiardin)\n- Make strings translatable in Pending Changes dialog (#341) (jgiardin)\n- Makefile: don't run po-pull on dist (lars)\n- Add the .spec files to .PHONY (bcl)\n[0.1.2-1]\n- New Version 0.1.2\n Related: rhbz#1613058\n- Add the .spec files to .PHONY (bcl)\n- Add welder-web and cockpit-composer release instructions (bcl)\n- Add a 'tag' target to the Makefile (bcl)\n- Adjust image list layout to improve alignment (jgiardin)\n- Fix blueprint packages getting added to history (jacobdkozol)\n- Fixed bug where startComposeApi would not return start compose response (sfondell)\n- Run make po-push from travis on pushes to master. (dshea)\n- Add a po-push target to the Makefile. (dshea)\n- Don't call compose API on the blueprints page (lars)\n- Support downloading images (lars)\n- Fix fetchComposes() call (lars)\n- Update text string (jgiardin)\n- add bootstrap class for large modals (jgiardin)\n- Fix issues with translated strings and add one more for 'Close' (jgiardin)\n- Make strings translatable (but includes build error) (jgiardin)\n- Update layout (jgiardin)\n- Don't show custom sources section if empty (jgiardin)\n- Add modal for listing sources (jgiardin)\n- Revert 'Revert 'Add python and gcc to the Dockerfiles.'' (dshea)\n- Include translations in the dist tarball (dshea)\n- Remove the zanata-js crud from package-lock.json (dshea)\n- Fix how fetching blueprints/composes is triggered (jacobdkozol)\n- Update API calls error messages (jacobdkozol)\n- Fix polling issue. Add error action. (jacobdkozol)\n- Add loading images from prior sessions and sort by start time. (jacobdkozol)\n- Revert 'Run npm rebuild after npm install.' (lars)\n- Revert 'Add python and gcc to the Dockerfiles.' (lars)\n- Don't update translations on every build (lars)\n- Fix yamllint errors on .travis.yml (dshea)\n- Add new requirements to the travis environment (dshea)\n- Add a script for testing translations. (dshea)\n- Run npm rebuild after npm install. (dshea)\n- Make the editBlueprint selector more specific. (dshea)\n- Add python and gcc to the Dockerfiles. (dshea)\n- Add a i18n section to the README (dshea)\n- Create cockpit translation modules. (dshea)\n- Extract cockpit manifest strings for translation. (dshea)\n- Add translated messages. (dshea)\n- Add scripts for interacting with Zanata. (dshea)\n- Internationalize strings with react-intl. (dshea)\n- Fix PR#309 imported issue. The rpm package should be welder-web*.noarch.rpm, not welder-web*.x86_64.rpm (henrywangxf)\n- Build srpm together with rpm (atodorov)\n- Images list UI refinements (jgiardin)\n- cockpituous-release: Use upstream release-source (martinpitt)\n- core: Use escalated privileges to access Lorax API (stefw)\n- remove utils from Layout (jgiardin)\n- Remove unused Layout components (jgiardin)\n- Submit coverage report only if present (atodorov)\n- Use default composer dir without --group option (atodorov)\n- Fix created image not being added to state (jacobdkozol)\n- package.json: Remove bootstrap-select (lars)\n- package.json: Update stylelint (lars)\n- blueprints: Show actual error message (lars)\n- core: propagate errors from cockpitFetch() (lars)\n[0.1.1-1]\n- fixes blueprints end-to-end test (jgiardin)\n- Hides Comment feature from Pending Changes modal (jgiardin)\n- Remove non-functional UI elements/components (jgiardin)\n- fixes line length in unit test (jgiardin)\n- update selector for Edit Blueprint button in test (jgiardin)\n- fixes empty state on blueprints page and tests (jgiardin)\n- fixes spacing errors (jgiardin)\n- fixes bad merges during rebase (jgiardin)\n- handles error case for fetching blueprints (jgiardin)\n- sets timeout on Loading state (jgiardin)\n- how did that 'n' get in there? (jgiardin)\n- fixes line length (jgiardin)\n- Disables actions (jgiardin)\n- Updates UI based on state, for loading and error (jgiardin)\n- Adds reducer for updating state when an error occurs (jgiardin)\n- updates state to hold values for fetch status (jgiardin)\n- components: Use consistent syntax for handlers (lars)\n- Fix two issues. (henrywangxf)\n- test/create.image: simplify shallow wrapper creation (lars)\n- CreateImage: don't call unset handlers (lars)\n- test/create.image: also conider handleStartCompose (lars)\n- correcting the initial state (jgiardin)\n- updates mockState in unit tests to match state updates for Filters (jgiardin)\n- Merge pull request #250 from larskarlitski/remove-mock-data (jgiardin)\n- Remove mock data (lars)\n- Add lorax-composer test and remove stand alone welder-web test. (henrywangxf)\n- Domain socket support in UI testing. (henrywangxf)\n- Update queue status text, Remove cancel button (jacobdkozol)\n- Added status icons for imageListView (jacobdkozol)\n- Add start compose functionality (jacobdkozol)\n- Fix blueprint page issue loading components (jacobdkozol)\n- Remove redux persist (jacobdkozol)\n- Remove unused code (lars)\n- Merge pull request #248 from jgiardino/filter (jgiardin)\n- Merge pull request #262 from andreasn/form-control-fx-style (jgiardin)\n- Fix style of pagination input under available components (anilsson)\n- fix issue when multiple filters are defined (jgiardin)\n- implements filtering and refactors toolbars (jgiardin)\nosbuild\n[81-1]\n- New upstream release\n[80-1]\n- New upstream release\n[79-1]\n- New upstream release\n[78-1]\n- New upstream release\n[77-1]\n- New upstream release\n[76-1]\n- New upstream release\n[75-1]\n- New upstream release\n[73-1]\n- New upstream release\n[72-1]\n- New upstream release\n[71-1]\n- New upstream release\n[70-1]\n- New upstream release\nosbuild-composer\n[75-1]\n- New upstream release\n[74-1]\n- New upstream release\n[73-1]\n- New upstream release\n[72-1]\n- New upstream release\n[71-1]\n- New upstream release\n[70-1]\n- New upstream release\n[69-1]\n- New upstream release\n[68-1]\n- New upstream release\n[67-1]\n- New upstream release\n[62-1]\n- New upstream release\n[60-1]\n- New upstream release\n[59-1]\n- New upstream release\n[58-1]\n- New upstream release\n[57-1]\n- New upstream release\n[55-1]\n- New upstream release\n[54-1]\n- New upstream release\n[53-1]\n- New upstream release\n[51-1]\n- New upstream release\n[46-1]\n- New upstream release\n[45-1]\n- New upstream release\n[44-1]\n- New upstream release\n[43-1]\n- New upstream release\n[42-1]\n- New upstream release\n[40-1]\n- New upstream release\n[37-1]\n- New upstream release\n[36-1]\n- New upstream release\n[33-1]\n- New upstream release\n[32-2]\n- New upstream release\n[31-1]\n- New upstream release\n[28-1]\n- New upstream release\n[27-1]\n- New upstream release\n[26-1]\n- New upstream release\n[25-1]\n- New upstream release 25 (rhbz#1883481)\n[20.1-1]\n- New upstream release 20.1 (rhbz#1872370)\n[20-1]\n- New upstream release 20 (rhbz#1871184 and rhbz#1871179)\n[19-1]\n- New upstream release 19 (rhbz#1866015 and rhbz#1866013)\n[17-1]\n- New upstream release 17 (rhbz#1831653)\n- Obsolete lorax-composer in favor of osbuild-composer (rhbz#1836844)\n[16-1]\n- New upstream release 16 (rhbz#1831653)\n[15-1]\n- New upstream release 15 (rhbz#1831653)\n[14-1]\n- New upstream release 14 (rhbz#1831653)\n[13-1]\n- New upstream release 13 (rhbz#1831653)\n[11-1]\n- Initial package (renamed from golang-github-osbuild-composer) (rhbz#1771887)\nweldr-client\n[35.9-2]\n- tests: Remove default repos before running tests\n Related: rhbz#2168666\n[35.9-1]\n- Copy rhel-88.json test repository from osbuild-composer\n- Update osbuild-composer test repositories from osbuild-composer\n- New release: 35.9 (bcl)\n Resolves: rhbz#2168666\n- tests: Replace os.MkdirTemp with t.TempDir (bcl)\n- blueprint save: Allow overriding bad blueprint names (bcl)\n- tests: Clean up checking err in tests (bcl)\n- composer-cli: Implement blueprints diff (bcl)\n- saveBlueprint: Return the filename to the caller (bcl)\n- composer-cli: Add tests for using --commit with old servers (bcl)\n- weldr: Return error about the blueprints change route (bcl)\n- weldr: Save the http status code as part of APIResponse (bcl)\n- Add --commit support to blueprints save (bcl)\n- Add --commit to blueprints show (bcl)\n- gitleaks: Exclude the test password used in tests (bcl)\n- ci: add tags to AWS instances (tlavocat)\n- Update github.com/BurntSushi/toml to 1.2.1\n- Update github.com/stretchr/testify to 1.8.1\n- Update bump github.com/spf13/cobra to 1.6.1\n- New release: 35.8 (bcl)\n- completion: Remove providers from bash completion script (bcl)\n- completion: Filter out new headers from compose list (bcl)\n- docs: Remove unneeded Long descriptions (bcl)\n- docs: Use a custom help template (bcl)\n- docs: Add more command documentation (bcl)\n- cmdline: Add package glob support to modules list command (bcl)\n- workflow: Add govulncheck on go v1.18 (bcl)\n- tests: Update to use golangci-lint 1.49.0 (bcl)\n- New release: 35.7 (bcl)\n- spec: Move %gometa macro above %gourl (bcl)\n- weldr: When starting a compose pass size as bytes, not MiB (bcl)\n- tests: Use correct size value in bytes for test (bcl)\n- workflow: Add Go 1.18 to text matrix (bcl)\n- Replace deprecated ioutil functions (bcl)\n- New release: 35.6 (bcl)\n- tests: Update tests for osbuild-composer changes (bcl)\n- CMD: Compose status format (eloy.coto)\n- CMD: Compose list format (eloy.coto)\n- tests: Update tests to check for JSON list output (bcl)\n- composer-cli: Change JSON output to be a list of objects (bcl)\n- weldr: Simplify the old ComposeLog, etc. functions (bcl)\n- composer-cli: Add --filename to blueprints freeze save command (bcl)\n- composer-cli: Add --filename to blueprints save command (bcl)\n- composer-cli: Add --filename to compose logs command (bcl)\n- composer-cli: Add --filename to compose image command (bcl)\n- composer-cli: Add --filename to compose metadata command (bcl)\n- composer-cli: Add --filename to compose results command (bcl)\n- weldr: Add saving to a new filename to GetFilePath function (bcl)\n- github: Fix issue with codecov and forced pushes in PRs (bcl)\n- Use golangci-lint 1.45.2 in workflow (bcl)\n- Run workflow tests for go 1.16.x and 1.17.x (bcl)\n- Move go.mod to go 1.16 (bcl)\n- workflows/trigger-gitlab: run Gitlab CI in new image-builder project (jrusz)\n- Update GitHub actions/setup-go to 3\n- Update GitHub actions/checkout to 3", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-05-24T00:00:00", "type": "oraclelinux", "title": "Image Builder security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-24T00:00:00", "id": "ELSA-2023-2780", "href": "http://linux.oracle.com/errata/ELSA-2023-2780.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:23:27", "description": "cockpit-composer\n[45-1.0.1]\n- Make per page documentation links point to Oracle Linux [Orabug: 32013095], [Orabug:34398922]\n[45-1]\n- New upstream release\n[44-1]\n- New upstream release\n[43-1]\n- New upstream release\n[42-1]\n- New upstream release\nosbuild\n[81-1]\n- New upstream release\n[80-1]\n- New upstream release\n[79-1]\n- New upstream release\n[78-1]\n- New upstream release\n[77-1]\n- New upstream release\n[76-1]\n- New upstream release\n[75-1]\n- New upstream release\n[74-1]\n- New upstream release\n[73-1]\n- New upstream release\n[72-1]\n- New upstream release\n[71-1]\n- New upstream release\n[70-1]\n- New upstream release\n[69-1]\n- New upstream release\nosbuild-composer\n[76-2]\n- distro/rhel: add payload repos to os package set (rhbz#2177699)\n- Manifest: always set kernel options in grub2 stage (rhbz#2162299)\n[76-1]\n- New upstream release\n[75-1]\n- New upstream release\n[74-1]\n- New upstream release\n[73-1]\n- New upstream release\n[72-1]\n- New upstream release\n[71-1]\n- New upstream release\n[70-1]\n- New upstream release\n[69-1]\n- New upstream release\n[68-1]\n- New upstream release\n[67-2]\n- Fix functional tests to make them pass in RHEL-9.2 gating\n[67-1]\n- New upstream release\n[62-1]\n- New upstream release\n[60-1]\n- New upstream release\n[59-1]\n- New upstream release\n[58-1]\n- New upstream release\n[57-1]\n- New upstream release\n[55-1]\n- New upstream release\n[54-1]\n- New upstream release\n[53-1]\n- New upstream release\n[51-1]\n- New upstream release\n[46-1]\n- New upstream release\n[45-1]\n- New upstream release\n[44-1]\n- New upstream release\n[43-1]\n- New upstream release\n[42-1]\n- New upstream release\n[41-1]\n- New upstream release\n[40-1]\n- New upstream release\n[39-1]\n- New upstream release\n[38-1]\n- New upstream release\n* Tue Nov 02 2021 lavocatt - 37-1\n- New upstream release\n[36-1]\n- New upstream release\n[33-1]\n- New upstream release\n[32-1]\n- New upstream release\n[31-1]\n- New upstream release\n[30-2]\n- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags\n Related: rhbz#1991688\n[30-1]\n- New upstream release\n[29-3]\n- Rebuilt for RHEL 9 BETA for openssl 3.0\n Related: rhbz#1971065\n[29-2]\n- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937\nweldr-client\n[35.9-1]\n- Copy rhel-92.json test repository from osbuild-composer\n- Update osbuild-composer test repositories from osbuild-composer\n- New release: 35.9 (bcl)\n Resolves: rhbz#2164560\n- tests: Replace os.MkdirTemp with t.TempDir (bcl)\n- blueprint save: Allow overriding bad blueprint names (bcl)\n- tests: Clean up checking err in tests (bcl)\n- composer-cli: Implement blueprints diff (bcl)\n- saveBlueprint: Return the filename to the caller (bcl)\n- composer-cli: Add tests for using --commit with old servers (bcl)\n- weldr: Return error about the blueprints change route (bcl)\n- weldr: Save the http status code as part of APIResponse (bcl)\n- Add --commit support to blueprints save (bcl)\n- Add --commit to blueprints show (bcl)\n- gitleaks: Exclude the test password used in tests (bcl)\n- ci: add tags to AWS instances (tlavocat)\n- Update github.com/BurntSushi/toml to 1.2.1\n- Update github.com/stretchr/testify to 1.8.1\n- Update bump github.com/spf13/cobra to 1.6.1\n- New release: 35.8 (bcl)\n- completion: Remove providers from bash completion script (bcl)\n- completion: Filter out new headers from compose list (bcl)\n- docs: Remove unneeded Long descriptions (bcl)\n- docs: Use a custom help template (bcl)\n- docs: Add more command documentation (bcl)\n- cmdline: Add package glob support to modules list command (bcl)\n- workflow: Add govulncheck on go v1.18 (bcl)\n- tests: Update to use golangci-lint 1.49.0 (bcl)\n- New release: 35.7 (bcl)\n- spec: Move %gometa macro above %gourl (bcl)\n- weldr: When starting a compose pass size as bytes, not MiB (bcl)\n- tests: Use correct size value in bytes for test (bcl)\n- workflow: Add Go 1.18 to text matrix (bcl)\n- Replace deprecated ioutil functions (bcl)\n- New release: 35.6 (bcl)\n- tests: Update tests for osbuild-composer changes (bcl)\n- CMD: Compose status format (eloy.coto)\n- CMD: Compose list format (eloy.coto)\n- tests: Update tests to check for JSON list output (bcl)\n- composer-cli: Change JSON output to be a list of objects (bcl)\n- weldr: Simplify the old ComposeLog, etc. functions (bcl)\n- composer-cli: Add --filename to blueprints freeze save command (bcl)\n- composer-cli: Add --filename to blueprints save command (bcl)\n- composer-cli: Add --filename to compose logs command (bcl)\n- composer-cli: Add --filename to compose image command (bcl)\n- composer-cli: Add --filename to compose metadata command (bcl)\n- composer-cli: Add --filename to compose results command (bcl)\n- weldr: Add saving to a new filename to GetFilePath function (bcl)\n- github: Fix issue with codecov and forced pushes in PRs (bcl)\n- Use golangci-lint 1.45.2 in workflow (bcl)\n- Run workflow tests for go 1.16.x and 1.17.x (bcl)\n- Move go.mod to go 1.16 (bcl)\n- workflows/trigger-gitlab: run Gitlab CI in new image-builder project (jrusz)\n- Update GitHub actions/setup-go to 3\n- Update GitHub actions/checkout to 3", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-05-15T00:00:00", "type": "oraclelinux", "title": "Image Builder security, bug fix, and enhancement update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-15T00:00:00", "id": "ELSA-2023-2204", "href": "http://linux.oracle.com/errata/ELSA-2023-2204.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:23:28", "description": "delve\n[1.9.1-1.0.1]\n- Bump version of delve from 1.8.3 to 1.9.1\n[1.8.3-1.0.1]\n- Bump version of delve from 1.7.2 to 1.8.3\n[1.7.2-1.0.1]\n- Bump version of delve from 1.6.0 to 1.7.2, enable aarch64\n[1.6.0-1.0.1]\n- Bump upstream version of delve from 1.5.0 to 1.6.0\n[1.5.0-2.0.1]\n- Cherry pick 05508ea98055bcb5418d2dc83893af4eb044d151:\n + Disable DWARF compression which has issues (Alex Burmashev)\n + By David Sloboda \n[1.5.0-2]\n- Add golang-1.15.4 related patch\n- Resolves: rhbz#1901189\n[1.5.0-1]\n- Rebase to 1.5.0\n- Related: rhbz#1870531\n[1.4.1-1]\n- Rebase to 1.4.1\n- Resolves: rhbz#1821281\n- Related: rhbz#1820596\n[1.4.0-2]\n- Change i686 to a better macro\n- Related: rhbz#1820596\n[1.4.0-1]\n- Rebase to 1.4.0\n- Remove Patch1781\n- Related: rhbz#1820596\n[1.3.2-3]\n- Resolves: rhbz#1758612\n- Resolves: rhbz#1780554\n- Add patch: 1781-pkg-terminal-Fix-exit-status.patch\n[1.3.2-2]\n- Added tests\n- Related: rhbz#1758612\n[1.3.2-1]\n- First package for RHEL\n- Related: rhbz#1758612\ngolang\n[1.19.4-2.0.1]\n- Rebase to 1.19.4 openssl-fips\n- Removed patches:\n Patch215: go1.5-zoneinfo_testing_only.patch (upstream commit 946587811423)\n Patch226: disable_static_external_tests.patch (included in new patches)\n Patch51852: disable-crypto-x509-test.patch (no longer needed)\n- Added patches:\n Patch0001: disable_static_tests_part1.patch (part of old patch 226)\n Patch0002: disable_static_tests_part2.patch (part of old patch 226)\n Patch0003: fix-test-1024-leaf-certs.patch (fixes change in openssl-fips patches)\n Patch0004: fix-memory-leak-evp-sign-verify.patch (fixes openssl-fips patches)\n- Remove disabling of ED25519 test, it is done in the openssl-fips patches\n- Remove use of extra source for binary file patching\n- Remove AUTHORS and CONTRIBUTORS from doc section, they were removed upstream,\n in golang issue 53961\n- Reviewed-by: Jose E. Marchesi \n[1.19.4-2]\n- Fix memory leaks in EVP_{sign,verify}_raw\n- Resolves: rhbz#2132767\n[1.19.4-1]\n- Rebase to Go 1.19.4\n- Fix ppc64le linker issue\n- Remove defunct patches\n- Remove downstream generated FIPS mode patches\n- Add golang-fips/go as the source for FIPS mode patches\n- Resolves: rhbz#2144542\n[1.18.8-1.0.1]\n- Rebase to 1.18.8 by adding upstream patches to the 1.18.0 openssl-fips\n- Reviewed-by: Jose E. Marchesi \n[1.19.2-4]\n- Enable big endian support in FIPS mode\n- Resolves: rhbz#1969844\n[1.19.2-3]\n- Restore old HashSign/HashVerify API\n- Resolves: rhbz#2132730\n[1.19.2-2]\n- Add support for 4096 bit keys in x509\n- Resolves: rhbz#2132694\n[1.19.2-1]\n- Rebase to Go 1.19.2\n- Resolves: rhbz#2132730\n[1.19.1-2]\n- Rebase to Go 1.19.1\n- Resolves: rhbz#2131026\n[1.18.3-1.0.1]\n- Rebase to 1.18.3 by adding upstream patches to the 1.18.0 openssl-fips\n- Modify Patch51852 to remove portions already upstream\n- Use base_version to distinguish the version of the tarball from the\n final version\n- Reviewed-by: Jose E. Marchesi \n[1.18.1-2.0.1]\n- Rebase to 1.18.0 openssl-fips\n- Reviewed-by: Jose E. Marchesi \n[1.17.10-1.0.1]\n- Add patches between Go 1.17.7 and Go 1.17.10\n- Rename base_versn to base_version\n- Remove unneeded patches from previous version\n- Remove Patch2028662 because that patch is also upstream now\n- Reviewed-by: Jose E. Marchesi \n[1.18.0-2]\n- Enable SHA1 in some contexts\n- Related: rhbz#2075162\n[1.18.0-1]\n- Update Go to 1.18.0\n- Resolves: rhbz#2075162\n[1.17.7-1]\n- Rebase to Go 1.17.7\n- Remove fips memory leak patch (fixed in tree)\n- Resolves: rhbz#2015930\n[1.17.5-1.0.1]\n- Rebase to 1.17.2 fips. Update to 1.17.5.\n- Reviewed-by: Jose E. Marchesi \n[1.17.5-1]\n- Rebase to Go 1.17.5\n- Remove vdso_s390x_gettime patch\n- Resolves: rhbz#2031112\n- Related: rhbz#2028570\n[1.17.4-1]\n- Rebase Go to 1.17.4\n- Add remove_waitgroup_misuse_tests patch\n- Related: rhbz#2014088\n- Resolves: rhbz#2028570\n- Resolves: rhbz#2022828\n- Resolves: rhbz#2024686\n- Resolves: rhbz#2028662\n[1.17.2-2]\n- Resolves: rhbz#2014704\n[1.17.2-1]\n- Rebase to Go 1.17.2\n- Related: rhbz#2014088\n- Remove golang-1.15-warnCN.patch\n- Remove reject-leading-zeros.patch\n- Remove favicon.ico and robots.txt references\n- Exclude TestEd25519Vectors test\n[1.16.9-1.0.1]\n- Rebase to 1.16.7 fips, and add patches to bring up to 1.16.9\n[1.16.7-1]\n- Rebase to Go 1.16.7\n- Resolves: rhbz#1994079\n- Add reject leading zeros patch\n- Resolves: rhbz#1993314\n[1.16.6-2]\n- Fix TestBoringServerCurves failure when run by itself\n- Resolves: rhbz#1976168\n[1.16.6-1]\n- Rebase to go-1.16.6-1-openssl-fips\n- Resolves: rhbz#1982281\n- Addresses CVE-2021-34558\n[1.16.5-1]\n- Rebase to 1.16.5\n- Removes rhbz#1955032 patch, it's already included in this release\n- Removes rhbz#1956891 patch, it's already included in this release\n- Related: rhbz#1979677\n- Related: rhbz#1968738\n- Related: rhbz#1972420\n[1.16.4-3]\n- Fix zero-size allocation memory leak.\n- Related: rhbz#1951877\n[1.16.4-2]\n- Resolves: rhbz#1951877\n[1.16.4-1]\n- Rebase to go-1.16.4-1-openssl-fips\n[1.16.1-3]\n- Resolves: rhbz#1956891\n[1.16.1-2]\n- Resolves: rhbz#1955032\n[1.16.1-1]\n- Rebase to go-1.16.1-2-openssl-fips\n- Resolves: rhbz#1938071\n- Adds a workaround for rhbz#1939923\n- Removes Patch224, it's on upstream -> rhbz#1888673\n- Removes Patch225, it's on upstream -> https://go-review.googlesource.com/c/text/+/238238\n- Removes old patches for cleaning purposes\n[1.15.10-1]\n- Use patches to update version 1.15.7 to 1.15.10\n[1.15.7-1]\n- Rebase to 1.15.7\n- Resolves: rhbz#1870531\n- Resolves: rhbz#1919261\n[1.15.5-1]\n- Rebase to 1.15.5\n- Resolves: rhbz#1898652\n- Resolves: rhbz#1898660\n- Resolves: rhbz#1898649\n[1.15.3-2]\n- fix typo in patch file name\n- Related: rhbz#1881539\n[1.15.3-1]\n- Rebase to 1.15.3\n- fix x/text infinite loop\n- Resolves: rhbz#1881539\n[1.15.2-2]\n- Resolves: rhbz#1850045\n[1.15.2-1]\n- Rebase to 1.15.2\n- fix rhbz#1872622 in commit af9a1b1f6567a1c5273a134d395bfe7bb840b7f8\n- Resolves: rhbz#1872622\n- add net/http graceful shutdown patch\n- Resolves: rhbz#1888673\n- add x509warnCN patch\n- Resolves: rhbz#1889437\n[1.15.0-1]\n- Rebase to 1.15.0\n- Related: rhbz#1870531\n[1.14.7-2]\n- Improve test suite\n- Resolves: rhbz#1854693\n[1.14.7-1]\n- Rebase to 1.14.7\n[1.14.6-1]\n- Rebase to 1.14.6\n- Resolves: rhbz#1820596\n[1.14.4-2]\n- Include patch to fix missing deferreturn on linux/ppc64le\n- Resolves: rhbz#1854836\n[1.14.4-1]\n- Rebase to 1.14.4\n[1.14.2-2]\n- Remove i686 references\n- Related: rhbz#1752991\n[1.14.2-1]\n- Rebase to 1.14.2\n- Related: rhbz#1820596\n[1.13.4-2]\n- Remove patches\n- Related: rhbz#1747150\n[1.13.4-1]\n- Rebase to 1.13.4\n- Related: rhbz#1747150\n[1.12.8-4]\n- Reduce number of threads when testing on i686\n[1.12.8-3]\n- Relax FIPS requirements to unblock OpenShift testing\n[1.12.8-2]\n- Rebase to 1.12.8\n- Resolves: rhbz#1745706\n- Resolves: rhbz#1745712\n[1.12.6-3]\n- Add README for more documentation\n- Resolves: rhbz#1734788\n[1.12.6-3]\n- Revert some TLS FIPS changes for now\n- Resolves: rhbz#1734788\n[1.12.6-2]\n- Updates to be less strict on key size in FIPS mode\n- Resolves: rhbz#1734788\n[1.12.6-1]\n- Rebase to 1.12.6\n- Resolves: rhbz#1677819\n[1.12.5-2]\n- Remove macros present in go-compiler\n- Resolves: rhbz#1700109\n[1.12.5-1]\n- Rebase to 1.12.5\n- Resolves: rhbz#1677819\n[1.12.1-2]\n- Lock OpenSSL to specific built version and include more initialization.\n- Resolves: rhbz#1709603\n[1.12.1-1]\n- Rebase to 1.12.1\n- Include FIPS compliance updates\n- Resolves: rhbz#1709603\n[1.11.5-2]\n- Include patch to fix CVE-2019-9741\n- Resolves: rhbz#1690443\n[1.11.5-2]\n- Switch to pagure fork for Go FIPS\n[1.11.5-1]\n- Rebase to Go 1.11.5\n- Resolves: rhbz#1671277\n- Fixes CVE-2019-6486\n[1.11.4-1]\n- Rebase to Go 1.11.4\n- Fixes CVE-2018-16873, CVE-2018-16874, CVE-2018-16875\n[1.11.2-1]\n- Rebase to Go 1.11.2\n[1.10.3-18]\n- Remove SCL from macros\n[1.10.3-17]\n- Prefer go-toolset over go-toolset-1.10\n- Resolves: rhbz#1630786\n[1.10.3-16]\n- Fix implicit syscall declaration warning\n[1.10.3-15]\n- Remove usage of redhat hardening flag file, just pass a select few manually\n- Resolves: rhbz#1642798\n[1.10.3-14]\n- Do not build toolchain in PIE mode\n- Resolves: rhbz#1642798\n[1.10.3-13]\n- Fix setting of internal FIPS enabled flag\n- Resolves: rhbz#1643653\n[1.10.3-12]\n- Pass external linker flags to fix annocheck errors\n- Resolves: rhbz#1624421\n[1.10.3-11]\n- Fix UnreachableExceptTests false panic\n- Resolves: rhbz#1634748\n[1.10.3-10]\n- Remove SCL, fix bug in boringcrypto with ecdsa\n- Related: rhbz#1635066\n- Resolves: rhbz#1636221\n[1.10.3-9]\n- Add runtime FIPS detection patches\n- Resolves: rhbz#1633351\n[1.10.3-8]\n- Add gobuild and gotest macros from go-compilers\n- Resolves: rhbz#1631846\n[1.10.3-7]\n- Bootstrap package using old build of same package\n- Resolves: rhbz#1630786\n[1.10.3-6]\n- Update stack allocation of OpenSSL type patch\n- Resolves: rhbz#1615032\n[1.10.3-5]\n- Build on i686\n- Related: bug#1614611\n[1.10.3-4]\n- Add patch fixing stack allocation of opaque OpenSSL type bug.\n- Resolves: rhbz#1613538\n[1.10.3-3]\n- Add patch with tag to opt out of OpenSSL during build\n[1.10.3-2]\n- Add runtime requirement for openssl-devel and misc updates\n[1.10.3-1]\n- Bump to 1.10.3\n[1.10.2-3]\n- Prepare for module build\n[1.10.2-2]\n- Include FIPS patches\n[1.10.2-1]\n- Bump to Go 1.10.2\n[1.10-1]\n- Bump to Go 1.10\n[1.8.5-1]\n- Fix CVE-2017-15041 and CVE-2017-15042\n- Resolves: BZ#1499160, BZ#1498073, BZ#1512063\n[1.8.3-4]\n- Explicitly require /usr/bin/gcc\n- Resolves: #1487345\n[1.8.3-3]\n- apply asn1 patch\n- add ppc64le trampolines patch\n[1.8.3-2]\n- regular GTS build\n[1.8.3-1]\n- initial GTS build\n[1.8-0.rc3.2.1]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[1.8-0.rc3.2]\n- make possible to override default traceback level at build time\n- add sub-package race containing std lib built with -race enabled\n- Related: BZ#1411242\n[1.8-0.rc3.1]\n- rebase to go1.8rc3\n- Resolves: BZ#1411242\n[1.7.4-2]\n- Resolves: BZ#1404679\n- expose IfInfomsg.X__ifi_pad on s390x\n[1.7.4-1]\n- Bump to 1.7.4\n- Resolves: BZ#1400732\n[1.7.3-2]\n- re-enable the NIST P-224 curve\n[1.7.3-1]\n- Resolves: BZ#1387067 - golang-1.7.3 is available\n- added fix for tests failing with latest tzdata\n[1.7.1-2]\n- fix link failure due to relocation overflows on PPC64X\n[1.7.1-1]\n- rebase to 1.7.1\n- Resolves: BZ#1374103\n[1.7-1]\n- update to released version\n- related: BZ#1342090, BZ#1357394\n[1.7-0.3.rc5]\n- Obsolete golang-vet and golang-cover from golang-googlecode-tools package\n vet/cover binaries are provided by golang-bin rpm (thanks to jchaloup)\n- clean up exclusive arch after s390x boostrap\n- resolves: #1268206\n[1.7-0.2.rc5]\n- rebase to go1.7rc5\n- Resolves: BZ#1342090\n[1.7-0.1.rc2]\n- https://fedoraproject.org/wiki/Changes/golang1.7\n[1.7-0.0.rc2]\n- rebase to 1.7rc2\n- added s390x build\n- improved shared lib packaging\n- Resolves: bz1357602 - CVE-2016-5386\n- Resolves: bz1342090, bz1342090\n[1.6.2-1]\n- rebase to 1.6.2\n- Resolves: bz1329206 - golang-1.6.2.src is available\n[1.6.1-1]\n- rebase to 1.6.1\n- Resolves: bz1324344 - CVE-2016-3959\n- Resolves: bz1324951 - prelink is gone, /etc/prelink.conf.d/* is no longer used\n- Resolves: bz1326366 - wrong epoll_event struct for ppc64le/ppc64\n[1.6-1]\n- Resolves: bz1304701 - rebase to go1.6 release\n- Resolves: bz1304591 - fix possible stack miss-alignment in callCgoMmap\n[1.6-0.3.rc1]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild\n[1.6-0.2.rc1]\n- disabled cgo and external linking on ppc64\n[1.6-0.1.rc1]\n- Resolves bz1292640, rebase to pre-release 1.6\n- bootstrap for PowerPC\n- fix rpmlint errors/warning\n[1.5.3-1]\n- rebase to 1.5.3\n- resolves bz1293451, CVE-2015-8618\n- apply timezone patch, avoid using bundled data\n- print out rpm build system info\n[1.5.2-2]\n- bz1290543 Accept x509 certs with negative serial\n[1.5.2-1]\n- bz1288263 rebase to 1.5.2\n- spec file clean up\n- added build options\n- scrubbed 'Project Gutenberg License'\n[1.5.1-1]\n- bz1271709 include patch from upstream fix\n[1.5.1-0]\n- update to go1.5.1\n[1.5-8]\n- bz1258166 remove srpm macros, for go-srpm-macros\n[1.5-7]\n- bz1258166 remove srpm macros, for go-srpm-macros\n[1.5-6]\n- starting a shared object subpackage. This will be x86_64 only until upstream supports more arches shared objects.\n[1.5-5]\n- bz991759 gdb path fix\n[1.5-4]\n- disable shared object until linux/386 is ironned out\n- including the test/ directory for tests\n[1.5-3]\n- bz1256910 only allow the golang zoneinfo.zip to be used in tests\n- bz1166611 add golang.org/x directory\n- bz1256525 include stdlib shared object. This will let other libraries and binaries\n build with go build -buildmode=shared -linkshared ... or similar.\n[1.5-2]\n- Enable aarch64\n- Minor cleanups\n[1.5-1]\n- updating to go1.5\n[1.5-0.11.rc1]\n- fixing the sources reference\n[1.5-0.10.rc1]\n- updating to go1.5rc1\n- checks are back in place\n[1.5-0.9.beta3]\n- pull in upstream archive/tar fix\n[1.5-0.8.beta3]\n- updating to go1.5beta3\n[1.5-0.7.beta2]\n- add the patch ..\n[1.5-0.6.beta2]\n- increase ELFRESERVE (bz1248071)\n[1.5-0.5.beta2]\n- correct package version and release tags as per naming guidelines\n[1.4.99-4.1.5beta2]\n- adding test output, for visibility\n[1.4.99-3.1.5beta2]\n- updating to go1.5beta2\n[1.4.99-2.1.5beta1]\n- add checksum to sources and fixed one patch\n[1.4.99-1.1.5beta1]\n- updating to go1.5beta1\n[1.4.2-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild\n[1.4.2-2]\n- obsoleting deprecated packages\n[1.4.2-1]\n- updating to go1.4.2\n[1.4.1-1]\n- updating to go1.4.1\n[1.4-2]\n- doc organizing\n[1.4-1]\n- update to go1.4 release\n[1.3.99-3.1.4rc2]\n- update to go1.4rc2\n[1.3.99-2.1.4rc1]\n- update to go1.4rc1\n[1.3.99-1.1.4beta1]\n- update to go1.4beta1\n[1.3.3-3]\n- macros will need to be in their own rpm\n[1.3.3-2]\n- split out rpm macros (bz1156129)\n- progress on gccgo accomodation\n[1.3.3-1]\n- update to go1.3.3 (bz1146882)\n[1.3.2-1]\n- update to go1.3.2 (bz1147324)\n[1.3.1-3]\n- patching the tzinfo failure\n[1.3.1-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild\n[1.3.1-1]\n- update to go1.3.1\n[1.3-11]\n- merged a line wrong\n[1.3-10]\n- more work to get cgo.a timestamps to line up, due to build-env\n- explicitly list all the files and directories for the source and packages trees\n- touch all the built archives to be the same\n[1.3-9]\n- make golang-src 'noarch' again, since that was not a fix, and takes up more space\n[1.3-8]\n- update timestamps of source files during %install bz1099206\n[1.3-7]\n- update timestamps of source during %install bz1099206\n[1.3-6]\n- make the source subpackage arch'ed, instead of noarch\n[1.3-5]\n- fix the writing of pax headers\n[1.3-4]\n- fix the loading of gdb safe-path. bz981356\n[1.3-3]\n- go install std requires gcc, to build cgo. bz1105901, bz1101508\n[1.3-2]\n- archive/tar memory allocation improvements\n[1.3-1]\n- update to go1.3\n[1.3rc2-1]\n- update to go1.3rc2\n[1.3rc1-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild\n[1.3rc1-1]\n- update to go1.3rc1\n- new arch file shuffling\n[1.3beta2-1]\n- update to go1.3beta2\n- no longer provides go-mode for xemacs (emacs only)\n[1.2.2-7]\n- bz1099206 ghost files are not what is needed\n[1.2.2-6]\n- bz1099206 more fixing. The packages %post need golang-bin present first\n[1.2.2-5]\n- bz1099206 more fixing. Let go fix its own timestamps and freshness\n[1.2.2-4]\n- fix the existence and alternatives of go and gofmt\n[1.2.2-3]\n- bz1099206 fix timestamp issue caused by koji builders\n[1.2.2-2]\n- more arch file shuffling\n[1.2.2-1]\n- update to go1.2.2\n[1.2.1-8]\n- RHEL6 rpm macros can't %exlude missing files\n[1.2.1-7]\n- missed two arch-dependent src files\n[1.2.1-6]\n- put generated arch-dependent src in their respective RPMs\n[1.2.1-5]\n- skip test that is causing a SIGABRT on fc21 bz1086900\n[1.2.1-4]\n- fixing file and directory ownership bz1010713\n[1.2.1-3]\n- including more to macros (%go_arches)\n- set a standard goroot as /usr/lib/golang, regardless of arch\n- include sub-packages for compiler toolchains, for all golang supported architectures\n[1.2.1-2]\n- provide a system rpm macros. Starting with gopath\n[1.2.1-1]\n- Update to latest upstream\n[1.2-7]\n- Remove _BSD_SOURCE and _SVID_SOURCE, they are deprecated in recent\n versions of glibc and aren't needed\n[1.2-6]\n- pull in upstream archive/tar implementation that supports xattr for\n docker 0.8.1\n[1.2-5]\n- provide 'go', so users can yum install 'go'\n[1.2-4]\n- skip a flaky test that is sporadically failing on the build server\n[1.2-3]\n- remove golang-godoc dependency. cyclic dependency on compiling godoc\n[1.2-2]\n- removing P224 ECC curve\n[1.2-1]\n- Update to upstream 1.2 release\n- remove the pax tar patches\n[1.1.2-8]\n- fix the rpmspec conditional for rhel and fedora\n[1.1.2-7]\n- patch tests for testing on rawhide\n- let the same spec work for rhel and fedora\n[1.1.2-6]\n- don't symlink /usr/bin out to ../lib..., move the file\n- seperate out godoc, to accomodate the go.tools godoc\n[1.1.2-5]\n- Pull upstream patches for BZ#1010271\n- Add glibc requirement that got dropped because of meta dep fix\n[1.1.2-4]\n- fix the libc meta dependency (thanks to vbatts [at] redhat.com for the fix)\n[1.1.2-3]\n- Revert incorrect merged changelog\n[1.1.2-2]\n- This was reverted, just a placeholder changelog entry for bad merge\n[1.1.2-1]\n- Update to latest upstream\n[1.1.1-7]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild\n[1.1.1-6]\n- Perl 5.18 rebuild\n[1.1.1-5]\n- Blacklist testdata files from prelink\n- Again try to fix #973842\n[1.1.1-4]\n- Move src to libdir for now (#973842) (upstream issue https://code.google.com/p/go/issues/detail?id=5830)\n- Eliminate noarch data package to work around RPM bug (#975909)\n- Try to add runtime-gdb.py to the gdb safe-path (#981356)\n[1.1.1-3]\n- Use lua for pretrans (http://fedoraproject.org/wiki/Packaging:Guidelines#The_.25pretrans_scriptlet)\n[1.1.1-2]\n- Hopefully really fix #973842\n- Fix update from pre-1.1.1 (#974840)\n[1.1.1-1]\n- Update to 1.1.1\n- Fix basically useless package (#973842)\n[1.1-3]\n- set ExclusiveArch\n[1.1-2]\n- Fix noarch package discrepancies\n[1.1-1]\n- Initial Fedora release.\n- Update to 1.1\n[1.1-0.3.rc3]\n- Update to rc3\n[1.1-0.2.beta2]\n- Update to beta2\n[1.1-0.1.beta1]\n- Initial packaging.\ngo-toolset\n[1.19.4-1]\n- Update to golang 1.19.4", "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "baseScore": 7.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-03-07T00:00:00", "type": "oraclelinux", "title": "ol8addon security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-32190", "CVE-2022-41715", "CVE-2022-41716", "CVE-2022-41717", "CVE-2022-41720"], "modified": "2023-03-07T00:00:00", "id": "ELSA-2023-18908", "href": "http://linux.oracle.com/errata/ELSA-2023-18908.html", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:23:30", "description": "[1.12.8-23.0.1]\n- fix netlink poll: error 4 (Zhenzhong Duan)\n[1:1.12.8-23.1]\n- Fix CVE-2022-42010 (#2133644)\n- Fix CVE-2022-42011 (#2133638)\n- Fix CVE-2022-42012 (#2133632)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-12T00:00:00", "type": "oraclelinux", "title": "dbus security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-12T00:00:00", "id": "ELSA-2023-0096", "href": "http://linux.oracle.com/errata/ELSA-2023-0096.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:23:27", "description": "[1.12.20-7.0.1]\n- fix netlink poll: error 4 (Zhenzhong Duan)\n[1:1.12.20-7]\n- Fix CVE-2022-42010 (#2133647)\n- Fix CVE-2022-42011 (#2133641)\n- Fix CVE-2022-42012 (#2133635)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2023-01-24T00:00:00", "type": "oraclelinux", "title": "dbus security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 4.0, "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-24T00:00:00", "id": "ELSA-2023-0335", "href": "http://linux.oracle.com/errata/ELSA-2023-0335.html", "cvss": {"score": 4.0, "vector": "AV:N/AC:L/Au:S/C:N/I:N/A:P"}}, {"lastseen": "2023-06-03T15:23:27", "description": "[3.5.13-8]\n- Fix CVE-2022-46285: infinite loop on unclosed comments (#2160230)\n- Fix CVE-2022-44617: runaway loop with width of 0 (#2160232)\n- Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin (#2160242)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-24T00:00:00", "type": "oraclelinux", "title": "libXpm security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-44617", "CVE-2022-46285", "CVE-2022-4883"], "modified": "2023-01-24T00:00:00", "id": "ELSA-2023-0383", "href": "http://linux.oracle.com/errata/ELSA-2023-0383.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}, {"lastseen": "2023-06-03T15:23:30", "description": "[3.5.12-9]\n- Fix CVE-2022-46285: infinite loop on unclosed comments (#2161800)\n- Fix CVE-2022-44617: runaway loop with width of 0 (#2161808)\n- Fix CVE-2022-4883: compression depends on /usr/local/bin:/usr/bin (#2160238)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 5.9}, "published": "2023-01-24T00:00:00", "type": "oraclelinux", "title": "libXpm security update", "bulletinFamily": "unix", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "SINGLE"}, "impactScore": 6.4, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2022-44617", "CVE-2022-46285", "CVE-2022-4883"], "modified": "2023-01-24T00:00:00", "id": "ELSA-2023-0379", "href": "http://linux.oracle.com/errata/ELSA-2023-0379.html", "cvss": {"score": 6.5, "vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2023-05-17T16:40:41", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0095 advisory.\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : libtiff (ELSA-2023-0095)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-01-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:libtiff", "p-cpe:/a:oracle:linux:libtiff-devel", "p-cpe:/a:oracle:linux:libtiff-tools"], "id": "ORACLELINUX_ELSA-2023-0095.NASL", "href": "https://www.tenable.com/plugins/nessus/169993", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0095.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169993);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"Oracle Linux 8 : libtiff (ELSA-2023-0095)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2023-0095 advisory.\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0095.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff, libtiff-devel and / or libtiff-tools packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtiff-tools\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'libtiff-4.0.9-26.el8_7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.0.9-26.el8_7', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.0.9-26.el8_7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.0.9-26.el8_7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.0.9-26.el8_7', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.0.9-26.el8_7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.0.9-26.el8_7', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.0.9-26.el8_7', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-devel / libtiff-tools');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:58", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0095 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-13T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : libtiff (ALSA-2023:0095)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-01-13T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libtiff", "p-cpe:/a:alma:linux:libtiff-devel", "p-cpe:/a:alma:linux:libtiff-tools", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream", "cpe:/o:alma:linux:8::powertools"], "id": "ALMA_LINUX_ALSA-2023-0095.NASL", "href": "https://www.tenable.com/plugins/nessus/170032", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0095.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170032);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n script_xref(name:\"ALSA\", value:\"2023:0095\");\n\n script_name(english:\"AlmaLinux 8 : libtiff (ALSA-2023:0095)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2023:0095 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2023-0095.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff, libtiff-devel and / or libtiff-tools packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(122, 125, 131, 191, 20, 369, 415, 763, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::powertools\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'libtiff-4.0.9-26.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.0.9-26.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.0.9-26.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-devel / libtiff-tools');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:34:59", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0095 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867)\n\n - libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits() (CVE-2022-2868)\n\n - libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in extractContigSamples8bits() (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-12T00:00:00", "type": "nessus", "title": "RHEL 8 : libtiff (RHSA-2023:0095)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:libtiff", "p-cpe:/a:redhat:enterprise_linux:libtiff-devel", "p-cpe:/a:redhat:enterprise_linux:libtiff-tools"], "id": "REDHAT-RHSA-2023-0095.NASL", "href": "https://www.tenable.com/plugins/nessus/169970", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0095. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169970);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0095\");\n\n script_name(english:\"RHEL 8 : libtiff (RHSA-2023:0095)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0095 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - libtiff: uint32_t underflow leads to out of bounds read and write in tiffcrop.c (CVE-2022-2867)\n\n - libtiff: Invalid crop_width and/or crop_length could cause an out-of-bounds read in reverseSamples16bits()\n (CVE-2022-2868)\n\n - libtiff: tiffcrop.c has uint32_t underflow which leads to out of bounds read and write in\n extractContigSamples8bits() (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2520\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2868\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2869\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2953\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0095\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2118847\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2118863\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2118869\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff, libtiff-devel and / or libtiff-tools packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(20, 122, 125, 131, 191, 369, 415, 763, 787);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtiff-tools\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libtiff-4.0.9-26.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.0.9-26.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.0.9-26.el8_7', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-devel / libtiff-tools');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:16", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0302 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : libtiff (ALSA-2023:0302)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2953"], "modified": "2023-01-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:libtiff", "p-cpe:/a:alma:linux:libtiff-devel", "p-cpe:/a:alma:linux:libtiff-tools", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream", "cpe:/o:alma:linux:9::crb"], "id": "ALMA_LINUX_ALSA-2023-0302.NASL", "href": "https://www.tenable.com/plugins/nessus/170584", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0302.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170584);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/25\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2953\"\n );\n script_xref(name:\"ALSA\", value:\"2023:0302\");\n\n script_name(english:\"AlmaLinux 9 : libtiff (ALSA-2023:0302)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2023:0302 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2023-0302.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff, libtiff-devel and / or libtiff-tools packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(122, 131, 369, 415, 763);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::crb\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'libtiff-4.4.0-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-devel / libtiff-tools');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:13", "description": "The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0302 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-24T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : libtiff (ELSA-2023-0302)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2953"], "modified": "2023-01-24T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:libtiff", "p-cpe:/a:oracle:linux:libtiff-devel", "p-cpe:/a:oracle:linux:libtiff-tools"], "id": "ORACLELINUX_ELSA-2023-0302.NASL", "href": "https://www.tenable.com/plugins/nessus/170498", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0302.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170498);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/24\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"Oracle Linux 9 : libtiff (ELSA-2023-0302)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2023-0302 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0302.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff, libtiff-devel and / or libtiff-tools packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:libtiff-tools\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'libtiff-4.4.0-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.4.0-5.el9_1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.4.0-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-5.el9_1', 'cpu':'i686', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-5.el9_1', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-5.el9_1', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-devel / libtiff-tools');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:33:56", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0302 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-23T00:00:00", "type": "nessus", "title": "RHEL 9 : libtiff (RHSA-2023:0302)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2953"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_aus:9.2", "cpe:/o:redhat:rhel_e4s:9.2", "cpe:/o:redhat:rhel_eus:9.2", "p-cpe:/a:redhat:enterprise_linux:libtiff", "p-cpe:/a:redhat:enterprise_linux:libtiff-devel", "p-cpe:/a:redhat:enterprise_linux:libtiff-tools"], "id": "REDHAT-RHSA-2023-0302.NASL", "href": "https://www.tenable.com/plugins/nessus/170408", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:0302. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170408);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2953\"\n );\n script_xref(name:\"RHSA\", value:\"2023:0302\");\n\n script_name(english:\"RHEL 9 : libtiff (RHSA-2023:0302)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:0302 advisory.\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2056\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2057\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2058\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2519\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2520\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2521\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2953\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:0302\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff, libtiff-devel and / or libtiff-tools packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n script_set_attribute(attribute:\"cvss3_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(122, 131, 369, 415, 763);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:libtiff-tools\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel9/9.2/x86_64/appstream/debug',\n 'content/aus/rhel9/9.2/x86_64/appstream/os',\n 'content/aus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel9/9.2/x86_64/baseos/debug',\n 'content/aus/rhel9/9.2/x86_64/baseos/os',\n 'content/aus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.2/aarch64/appstream/os',\n 'content/e4s/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.2/aarch64/baseos/os',\n 'content/e4s/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/appstream/debug',\n 'content/e4s/rhel9/9.2/s390x/appstream/os',\n 'content/e4s/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/baseos/debug',\n 'content/e4s/rhel9/9.2/s390x/baseos/os',\n 'content/e4s/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.2/s390x/highavailability/os',\n 'content/e4s/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/sap/debug',\n 'content/e4s/rhel9/9.2/s390x/sap/os',\n 'content/e4s/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.2/x86_64/appstream/os',\n 'content/e4s/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.2/x86_64/baseos/os',\n 'content/e4s/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap/os',\n 'content/e4s/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/appstream/debug',\n 'content/eus/rhel9/9.2/aarch64/appstream/os',\n 'content/eus/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/baseos/debug',\n 'content/eus/rhel9/9.2/aarch64/baseos/os',\n 'content/eus/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.2/aarch64/highavailability/os',\n 'content/eus/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.2/aarch64/supplementary/os',\n 'content/eus/rhel9/9.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.2/ppc64le/appstream/os',\n 'content/eus/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.2/ppc64le/baseos/os',\n 'content/eus/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap/os',\n 'content/eus/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/appstream/debug',\n 'content/eus/rhel9/9.2/s390x/appstream/os',\n 'content/eus/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/baseos/debug',\n 'content/eus/rhel9/9.2/s390x/baseos/os',\n 'content/eus/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/highavailability/debug',\n 'content/eus/rhel9/9.2/s390x/highavailability/os',\n 'content/eus/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/sap/debug',\n 'content/eus/rhel9/9.2/s390x/sap/os',\n 'content/eus/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/supplementary/debug',\n 'content/eus/rhel9/9.2/s390x/supplementary/os',\n 'content/eus/rhel9/9.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/appstream/debug',\n 'content/eus/rhel9/9.2/x86_64/appstream/os',\n 'content/eus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/baseos/debug',\n 'content/eus/rhel9/9.2/x86_64/baseos/os',\n 'content/eus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.2/x86_64/highavailability/os',\n 'content/eus/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap/debug',\n 'content/eus/rhel9/9.2/x86_64/sap/os',\n 'content/eus/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.2/x86_64/supplementary/os',\n 'content/eus/rhel9/9.2/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libtiff-4.4.0-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-5.el9_1', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'libtiff-4.4.0-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-5.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'libtiff / libtiff-devel / libtiff-tools');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-21T06:36:10", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2780 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-20T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : Image Builder (ALSA-2023:2780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-20T00:00:00", "cpe": ["cpe:/o:alma:linux:8", "p-cpe:/a:alma:linux:osbuild-composer", "p-cpe:/a:alma:linux:osbuild-composer-core", "p-cpe:/a:alma:linux:osbuild-composer-worker", "p-cpe:/a:alma:linux:osbuild-composer-dnf-json", "p-cpe:/a:alma:linux:weldr-client", "cpe:/o:alma:linux:8::powertools", "cpe:/o:alma:linux:8::baseos", "cpe:/o:alma:linux:8::appstream", "cpe:/o:alma:linux:8::nfv", "cpe:/o:alma:linux:8::realtime", "cpe:/o:alma:linux:8::highavailability", "cpe:/o:alma:linux:8::resilientstorage", "cpe:/o:alma:linux:8::sap", "cpe:/o:alma:linux:8::sap_hana", "cpe:/o:alma:linux:8::supplementary"], "id": "ALMA_LINUX_ALSA-2023-2780.NASL", "href": "https://www.tenable.com/plugins/nessus/176161", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:2780.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(176161);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/20\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"ALSA\", value:\"2023:2780\");\n script_xref(name:\"IAVB\", value:\"2022-B-0042-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0059-S\");\n\n script_name(english:\"AlmaLinux 8 : Image Builder (ALSA-2023:2780)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2023:2780 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2023-2780.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(400, 444, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:weldr-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::baseos\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::highavailability\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::nfv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::powertools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::realtime\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::resilientstorage\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::sap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::sap_hana\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::supplementary\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'osbuild-composer-75-1.el8.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-75-1.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8.alma', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8.alma', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'osbuild-composer / osbuild-composer-core / osbuild-composer-dnf-json / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:46:30", "description": "The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2204 advisory.\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-15T00:00:00", "type": "nessus", "title": "Oracle Linux 9 : Image / Builder (ELSA-2023-2204)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-15T00:00:00", "cpe": ["cpe:/o:oracle:linux:9", "p-cpe:/a:oracle:linux:cockpit-composer", "p-cpe:/a:oracle:linux:osbuild", "p-cpe:/a:oracle:linux:osbuild-composer", "p-cpe:/a:oracle:linux:osbuild-composer-core", "p-cpe:/a:oracle:linux:osbuild-composer-dnf-json", "p-cpe:/a:oracle:linux:osbuild-composer-worker", "p-cpe:/a:oracle:linux:osbuild-luks2", "p-cpe:/a:oracle:linux:osbuild-lvm2", "p-cpe:/a:oracle:linux:osbuild-ostree", "p-cpe:/a:oracle:linux:osbuild-selinux", "p-cpe:/a:oracle:linux:python3-osbuild", "p-cpe:/a:oracle:linux:weldr-client"], "id": "ORACLELINUX_ELSA-2023-2204.NASL", "href": "https://www.tenable.com/plugins/nessus/175721", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-2204.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175721);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/15\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0042-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0059-S\");\n\n script_name(english:\"Oracle Linux 9 : Image / Builder (ELSA-2023-2204)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2023-2204 advisory.\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-2204.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cockpit-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-luks2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-lvm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-ostree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-osbuild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:weldr-client\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 9', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'cockpit-composer-45-1.0.1.el9_2', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'osbuild-81-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-76-2.el9_2', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-76-2.el9_2', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-76-2.el9_2', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-76-2.el9_2', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-76-2.el9_2', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-76-2.el9_2', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-76-2.el9_2', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-76-2.el9_2', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-luks2-81-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-lvm2-81-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-ostree-81-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-selinux-81-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-osbuild-81-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-1.el9', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-1.el9', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-composer / osbuild / osbuild-composer / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:48:03", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2204 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-15T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : Image Builder (ALSA-2023:2204)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-15T00:00:00", "cpe": ["p-cpe:/a:alma:linux:osbuild-composer", "p-cpe:/a:alma:linux:osbuild-composer-core", "p-cpe:/a:alma:linux:osbuild-composer-worker", "p-cpe:/a:alma:linux:osbuild-composer-dnf-json", "p-cpe:/a:alma:linux:weldr-client", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream", "cpe:/o:alma:linux:9::crb", "cpe:/o:alma:linux:9::baseos", "cpe:/o:alma:linux:9::nfv", "cpe:/o:alma:linux:9::realtime", "cpe:/o:alma:linux:9::highavailability", "cpe:/o:alma:linux:9::resilientstorage", "cpe:/o:alma:linux:9::sap", "cpe:/o:alma:linux:9::sap_hana", "cpe:/o:alma:linux:9::supplementary"], "id": "ALMA_LINUX_ALSA-2023-2204.NASL", "href": "https://www.tenable.com/plugins/nessus/175673", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:2204.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175673);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/15\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"ALSA\", value:\"2023:2204\");\n script_xref(name:\"IAVB\", value:\"2022-B-0042-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0059-S\");\n\n script_name(english:\"AlmaLinux 9 : Image Builder (ALSA-2023:2204)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2023:2204 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2023-2204.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(400, 444, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/15\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:weldr-client\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::baseos\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::crb\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::highavailability\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::nfv\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::realtime\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::resilientstorage\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::sap\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::sap_hana\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::supplementary\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'osbuild-composer-76-2.el9_2.alma', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-76-2.el9_2.alma', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-76-2.el9_2.alma', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-76-2.el9_2.alma', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-76-2.el9_2.alma', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-76-2.el9_2.alma', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-76-2.el9_2.alma', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-76-2.el9_2.alma', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-1.el9', 'cpu':'aarch64', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-1.el9', 'cpu':'x86_64', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'osbuild-composer / osbuild-composer-core / osbuild-composer-dnf-json / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:42:40", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2780 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-20T00:00:00", "type": "nessus", "title": "RHEL 8 : Image Builder (RHSA-2023:2780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer-core", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer-dnf-json", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer-worker", "p-cpe:/a:redhat:enterprise_linux:weldr-client"], "id": "REDHAT-RHSA-2023-2780.NASL", "href": "https://www.tenable.com/plugins/nessus/176147", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:2780. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(176147);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"RHSA\", value:\"2023:2780\");\n\n script_name(english:\"RHEL 8 : Image Builder (RHSA-2023:2780)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:2780 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-41715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-41717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:2780\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(400, 444, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:weldr-client\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/dist/rhel8/8/aarch64/appstream/debug',\n 'content/dist/rhel8/8/aarch64/appstream/os',\n 'content/dist/rhel8/8/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/baseos/debug',\n 'content/dist/rhel8/8/aarch64/baseos/os',\n 'content/dist/rhel8/8/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/codeready-builder/debug',\n 'content/dist/rhel8/8/aarch64/codeready-builder/os',\n 'content/dist/rhel8/8/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/highavailability/debug',\n 'content/dist/rhel8/8/aarch64/highavailability/os',\n 'content/dist/rhel8/8/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/aarch64/supplementary/debug',\n 'content/dist/rhel8/8/aarch64/supplementary/os',\n 'content/dist/rhel8/8/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/appstream/debug',\n 'content/dist/rhel8/8/ppc64le/appstream/os',\n 'content/dist/rhel8/8/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/baseos/debug',\n 'content/dist/rhel8/8/ppc64le/baseos/os',\n 'content/dist/rhel8/8/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/debug',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/os',\n 'content/dist/rhel8/8/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/highavailability/debug',\n 'content/dist/rhel8/8/ppc64le/highavailability/os',\n 'content/dist/rhel8/8/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/debug',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/os',\n 'content/dist/rhel8/8/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/debug',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/os',\n 'content/dist/rhel8/8/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/sap/debug',\n 'content/dist/rhel8/8/ppc64le/sap/os',\n 'content/dist/rhel8/8/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel8/8/ppc64le/supplementary/debug',\n 'content/dist/rhel8/8/ppc64le/supplementary/os',\n 'content/dist/rhel8/8/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/s390x/appstream/debug',\n 'content/dist/rhel8/8/s390x/appstream/os',\n 'content/dist/rhel8/8/s390x/appstream/source/SRPMS',\n 'content/dist/rhel8/8/s390x/baseos/debug',\n 'content/dist/rhel8/8/s390x/baseos/os',\n 'content/dist/rhel8/8/s390x/baseos/source/SRPMS',\n 'content/dist/rhel8/8/s390x/codeready-builder/debug',\n 'content/dist/rhel8/8/s390x/codeready-builder/os',\n 'content/dist/rhel8/8/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/s390x/highavailability/debug',\n 'content/dist/rhel8/8/s390x/highavailability/os',\n 'content/dist/rhel8/8/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/s390x/resilientstorage/debug',\n 'content/dist/rhel8/8/s390x/resilientstorage/os',\n 'content/dist/rhel8/8/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/s390x/sap/debug',\n 'content/dist/rhel8/8/s390x/sap/os',\n 'content/dist/rhel8/8/s390x/sap/source/SRPMS',\n 'content/dist/rhel8/8/s390x/supplementary/debug',\n 'content/dist/rhel8/8/s390x/supplementary/os',\n 'content/dist/rhel8/8/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/appstream/debug',\n 'content/dist/rhel8/8/x86_64/appstream/os',\n 'content/dist/rhel8/8/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/baseos/debug',\n 'content/dist/rhel8/8/x86_64/baseos/os',\n 'content/dist/rhel8/8/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/codeready-builder/debug',\n 'content/dist/rhel8/8/x86_64/codeready-builder/os',\n 'content/dist/rhel8/8/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/highavailability/debug',\n 'content/dist/rhel8/8/x86_64/highavailability/os',\n 'content/dist/rhel8/8/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/nfv/debug',\n 'content/dist/rhel8/8/x86_64/nfv/os',\n 'content/dist/rhel8/8/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/resilientstorage/debug',\n 'content/dist/rhel8/8/x86_64/resilientstorage/os',\n 'content/dist/rhel8/8/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/rt/debug',\n 'content/dist/rhel8/8/x86_64/rt/os',\n 'content/dist/rhel8/8/x86_64/rt/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap-solutions/debug',\n 'content/dist/rhel8/8/x86_64/sap-solutions/os',\n 'content/dist/rhel8/8/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/sap/debug',\n 'content/dist/rhel8/8/x86_64/sap/os',\n 'content/dist/rhel8/8/x86_64/sap/source/SRPMS',\n 'content/dist/rhel8/8/x86_64/supplementary/debug',\n 'content/dist/rhel8/8/x86_64/supplementary/os',\n 'content/dist/rhel8/8/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'osbuild-composer-75-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp'])) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'osbuild-composer / osbuild-composer-core / osbuild-composer-dnf-json / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-24T18:41:58", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2780 advisory.\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-24T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : Image / Builder (ELSA-2023-2780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:cockpit-composer", "p-cpe:/a:oracle:linux:osbuild", "p-cpe:/a:oracle:linux:osbuild-composer", "p-cpe:/a:oracle:linux:osbuild-composer-core", "p-cpe:/a:oracle:linux:osbuild-composer-dnf-json", "p-cpe:/a:oracle:linux:osbuild-composer-worker", "p-cpe:/a:oracle:linux:osbuild-luks2", "p-cpe:/a:oracle:linux:osbuild-lvm2", "p-cpe:/a:oracle:linux:osbuild-ostree", "p-cpe:/a:oracle:linux:osbuild-selinux", "p-cpe:/a:oracle:linux:python3-osbuild", "p-cpe:/a:oracle:linux:weldr-client"], "id": "ORACLELINUX_ELSA-2023-2780.NASL", "href": "https://www.tenable.com/plugins/nessus/176297", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-2780.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(176297);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0042-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0059-S\");\n\n script_name(english:\"Oracle Linux 8 : Image / Builder (ELSA-2023-2780)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2023-2780 advisory.\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-2780.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/24\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/24\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cockpit-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-luks2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-lvm2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-ostree\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:osbuild-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-osbuild\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:weldr-client\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'cockpit-composer-45-1.0.1.el8_8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE},\n {'reference':'osbuild-81-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-luks2-81-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-lvm2-81-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-ostree-81-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-selinux-81-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-osbuild-81-1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-composer / osbuild / osbuild-composer / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-20T16:37:13", "description": "The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2023:2780 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-20T00:00:00", "type": "nessus", "title": "CentOS 8 : Image Builder (CESA-2023:2780)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-20T00:00:00", "cpe": ["cpe:/o:centos:centos:8-stream", "p-cpe:/a:centos:centos:weldr-client", "p-cpe:/a:centos:centos:osbuild-composer", "p-cpe:/a:centos:centos:osbuild-composer-core", "p-cpe:/a:centos:centos:osbuild-composer-dnf-json", "p-cpe:/a:centos:centos:osbuild-composer-worker"], "id": "CENTOS8_RHSA-2023-2780.NASL", "href": "https://www.tenable.com/plugins/nessus/176144", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2023:2780. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(176144);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/20\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"RHSA\", value:\"2023:2780\");\n\n script_name(english:\"CentOS 8 : Image Builder (CESA-2023:2780)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nCESA-2023:2780 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:2780\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/20\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8-stream\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:weldr-client\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/CentOS/release');\nif (isnull(os_release) || 'CentOS' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS');\nvar os_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >!< os_release) audit(AUDIT_OS_NOT, 'CentOS 8-Stream');\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nvar pkgs = [\n {'reference':'osbuild-composer-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-75-1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'osbuild-composer / osbuild-composer-core / osbuild-composer-dnf-json / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T00:41:19", "description": "The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:2204 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-13T00:00:00", "type": "nessus", "title": "RHEL 9 : Image Builder (RHSA-2023:2204)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-41715", "CVE-2022-41717"], "modified": "2023-05-24T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:9", "cpe:/o:redhat:rhel_aus:9.2", "cpe:/o:redhat:rhel_e4s:9.2", "cpe:/o:redhat:rhel_eus:9.2", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer-core", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer-dnf-json", "p-cpe:/a:redhat:enterprise_linux:osbuild-composer-worker", "p-cpe:/a:redhat:enterprise_linux:weldr-client"], "id": "REDHAT-RHSA-2023-2204.NASL", "href": "https://www.tenable.com/plugins/nessus/175480", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2023:2204. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175480);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/24\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-41715\",\n \"CVE-2022-41717\"\n );\n script_xref(name:\"RHSA\", value:\"2023:2204\");\n\n script_name(english:\"RHEL 9 : Image Builder (RHSA-2023:2204)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2023:2204 advisory.\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2879\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-2880\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-27664\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-41715\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-41717\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2023:2204\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(400, 444, 770);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:9.2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer-core\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer-dnf-json\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:osbuild-composer-worker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:weldr-client\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '9')) audit(AUDIT_OS_NOT, 'Red Hat 9.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu && 'ppc' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar constraints = [\n {\n 'repo_relative_urls': [\n 'content/aus/rhel9/9.2/x86_64/appstream/debug',\n 'content/aus/rhel9/9.2/x86_64/appstream/os',\n 'content/aus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/aus/rhel9/9.2/x86_64/baseos/debug',\n 'content/aus/rhel9/9.2/x86_64/baseos/os',\n 'content/aus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/appstream/debug',\n 'content/e4s/rhel9/9.2/aarch64/appstream/os',\n 'content/e4s/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/baseos/debug',\n 'content/e4s/rhel9/9.2/aarch64/baseos/os',\n 'content/e4s/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/debug',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/os',\n 'content/e4s/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/debug',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/os',\n 'content/e4s/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/debug',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/os',\n 'content/e4s/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/os',\n 'content/e4s/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/e4s/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/ppc64le/sap/debug',\n 'content/e4s/rhel9/9.2/ppc64le/sap/os',\n 'content/e4s/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/appstream/debug',\n 'content/e4s/rhel9/9.2/s390x/appstream/os',\n 'content/e4s/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/baseos/debug',\n 'content/e4s/rhel9/9.2/s390x/baseos/os',\n 'content/e4s/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/highavailability/debug',\n 'content/e4s/rhel9/9.2/s390x/highavailability/os',\n 'content/e4s/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/os',\n 'content/e4s/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/s390x/sap/debug',\n 'content/e4s/rhel9/9.2/s390x/sap/os',\n 'content/e4s/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/appstream/debug',\n 'content/e4s/rhel9/9.2/x86_64/appstream/os',\n 'content/e4s/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/baseos/debug',\n 'content/e4s/rhel9/9.2/x86_64/baseos/os',\n 'content/e4s/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/debug',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/os',\n 'content/e4s/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/e4s/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/e4s/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/e4s/rhel9/9.2/x86_64/sap/debug',\n 'content/e4s/rhel9/9.2/x86_64/sap/os',\n 'content/e4s/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/appstream/debug',\n 'content/eus/rhel9/9.2/aarch64/appstream/os',\n 'content/eus/rhel9/9.2/aarch64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/baseos/debug',\n 'content/eus/rhel9/9.2/aarch64/baseos/os',\n 'content/eus/rhel9/9.2/aarch64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/os',\n 'content/eus/rhel9/9.2/aarch64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/highavailability/debug',\n 'content/eus/rhel9/9.2/aarch64/highavailability/os',\n 'content/eus/rhel9/9.2/aarch64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/aarch64/supplementary/debug',\n 'content/eus/rhel9/9.2/aarch64/supplementary/os',\n 'content/eus/rhel9/9.2/aarch64/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/appstream/debug',\n 'content/eus/rhel9/9.2/ppc64le/appstream/os',\n 'content/eus/rhel9/9.2/ppc64le/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/baseos/debug',\n 'content/eus/rhel9/9.2/ppc64le/baseos/os',\n 'content/eus/rhel9/9.2/ppc64le/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/debug',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/os',\n 'content/eus/rhel9/9.2/ppc64le/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/debug',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/os',\n 'content/eus/rhel9/9.2/ppc64le/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/debug',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/os',\n 'content/eus/rhel9/9.2/ppc64le/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/os',\n 'content/eus/rhel9/9.2/ppc64le/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/sap/debug',\n 'content/eus/rhel9/9.2/ppc64le/sap/os',\n 'content/eus/rhel9/9.2/ppc64le/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/debug',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/os',\n 'content/eus/rhel9/9.2/ppc64le/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/appstream/debug',\n 'content/eus/rhel9/9.2/s390x/appstream/os',\n 'content/eus/rhel9/9.2/s390x/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/baseos/debug',\n 'content/eus/rhel9/9.2/s390x/baseos/os',\n 'content/eus/rhel9/9.2/s390x/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/debug',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/os',\n 'content/eus/rhel9/9.2/s390x/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/highavailability/debug',\n 'content/eus/rhel9/9.2/s390x/highavailability/os',\n 'content/eus/rhel9/9.2/s390x/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/debug',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/os',\n 'content/eus/rhel9/9.2/s390x/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/sap/debug',\n 'content/eus/rhel9/9.2/s390x/sap/os',\n 'content/eus/rhel9/9.2/s390x/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/s390x/supplementary/debug',\n 'content/eus/rhel9/9.2/s390x/supplementary/os',\n 'content/eus/rhel9/9.2/s390x/supplementary/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/appstream/debug',\n 'content/eus/rhel9/9.2/x86_64/appstream/os',\n 'content/eus/rhel9/9.2/x86_64/appstream/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/baseos/debug',\n 'content/eus/rhel9/9.2/x86_64/baseos/os',\n 'content/eus/rhel9/9.2/x86_64/baseos/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/debug',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/os',\n 'content/eus/rhel9/9.2/x86_64/codeready-builder/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/highavailability/debug',\n 'content/eus/rhel9/9.2/x86_64/highavailability/os',\n 'content/eus/rhel9/9.2/x86_64/highavailability/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/debug',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/os',\n 'content/eus/rhel9/9.2/x86_64/resilientstorage/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/debug',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/os',\n 'content/eus/rhel9/9.2/x86_64/sap-solutions/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/sap/debug',\n 'content/eus/rhel9/9.2/x86_64/sap/os',\n 'content/eus/rhel9/9.2/x86_64/sap/source/SRPMS',\n 'content/eus/rhel9/9.2/x86_64/supplementary/debug',\n 'content/eus/rhel9/9.2/x86_64/supplementary/os',\n 'content/eus/rhel9/9.2/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'osbuild-composer-76-2.el9_2', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-76-2.el9_2', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-76-2.el9_2', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-76-2.el9_2', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-1.el9', 'sp':'2', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n },\n {\n 'repo_relative_urls': [\n 'content/dist/rhel9/9/aarch64/appstream/debug',\n 'content/dist/rhel9/9/aarch64/appstream/os',\n 'content/dist/rhel9/9/aarch64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/baseos/debug',\n 'content/dist/rhel9/9/aarch64/baseos/os',\n 'content/dist/rhel9/9/aarch64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/codeready-builder/debug',\n 'content/dist/rhel9/9/aarch64/codeready-builder/os',\n 'content/dist/rhel9/9/aarch64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/highavailability/debug',\n 'content/dist/rhel9/9/aarch64/highavailability/os',\n 'content/dist/rhel9/9/aarch64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/aarch64/supplementary/debug',\n 'content/dist/rhel9/9/aarch64/supplementary/os',\n 'content/dist/rhel9/9/aarch64/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/appstream/debug',\n 'content/dist/rhel9/9/ppc64le/appstream/os',\n 'content/dist/rhel9/9/ppc64le/appstream/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/baseos/debug',\n 'content/dist/rhel9/9/ppc64le/baseos/os',\n 'content/dist/rhel9/9/ppc64le/baseos/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/debug',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/os',\n 'content/dist/rhel9/9/ppc64le/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/highavailability/debug',\n 'content/dist/rhel9/9/ppc64le/highavailability/os',\n 'content/dist/rhel9/9/ppc64le/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/debug',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/os',\n 'content/dist/rhel9/9/ppc64le/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/debug',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/os',\n 'content/dist/rhel9/9/ppc64le/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/sap/debug',\n 'content/dist/rhel9/9/ppc64le/sap/os',\n 'content/dist/rhel9/9/ppc64le/sap/source/SRPMS',\n 'content/dist/rhel9/9/ppc64le/supplementary/debug',\n 'content/dist/rhel9/9/ppc64le/supplementary/os',\n 'content/dist/rhel9/9/ppc64le/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/s390x/appstream/debug',\n 'content/dist/rhel9/9/s390x/appstream/os',\n 'content/dist/rhel9/9/s390x/appstream/source/SRPMS',\n 'content/dist/rhel9/9/s390x/baseos/debug',\n 'content/dist/rhel9/9/s390x/baseos/os',\n 'content/dist/rhel9/9/s390x/baseos/source/SRPMS',\n 'content/dist/rhel9/9/s390x/codeready-builder/debug',\n 'content/dist/rhel9/9/s390x/codeready-builder/os',\n 'content/dist/rhel9/9/s390x/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/s390x/highavailability/debug',\n 'content/dist/rhel9/9/s390x/highavailability/os',\n 'content/dist/rhel9/9/s390x/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/s390x/resilientstorage/debug',\n 'content/dist/rhel9/9/s390x/resilientstorage/os',\n 'content/dist/rhel9/9/s390x/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/s390x/sap/debug',\n 'content/dist/rhel9/9/s390x/sap/os',\n 'content/dist/rhel9/9/s390x/sap/source/SRPMS',\n 'content/dist/rhel9/9/s390x/supplementary/debug',\n 'content/dist/rhel9/9/s390x/supplementary/os',\n 'content/dist/rhel9/9/s390x/supplementary/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/appstream/debug',\n 'content/dist/rhel9/9/x86_64/appstream/os',\n 'content/dist/rhel9/9/x86_64/appstream/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/baseos/debug',\n 'content/dist/rhel9/9/x86_64/baseos/os',\n 'content/dist/rhel9/9/x86_64/baseos/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/codeready-builder/debug',\n 'content/dist/rhel9/9/x86_64/codeready-builder/os',\n 'content/dist/rhel9/9/x86_64/codeready-builder/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/highavailability/debug',\n 'content/dist/rhel9/9/x86_64/highavailability/os',\n 'content/dist/rhel9/9/x86_64/highavailability/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/nfv/debug',\n 'content/dist/rhel9/9/x86_64/nfv/os',\n 'content/dist/rhel9/9/x86_64/nfv/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/resilientstorage/debug',\n 'content/dist/rhel9/9/x86_64/resilientstorage/os',\n 'content/dist/rhel9/9/x86_64/resilientstorage/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/rt/debug',\n 'content/dist/rhel9/9/x86_64/rt/os',\n 'content/dist/rhel9/9/x86_64/rt/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap-solutions/debug',\n 'content/dist/rhel9/9/x86_64/sap-solutions/os',\n 'content/dist/rhel9/9/x86_64/sap-solutions/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/sap/debug',\n 'content/dist/rhel9/9/x86_64/sap/os',\n 'content/dist/rhel9/9/x86_64/sap/source/SRPMS',\n 'content/dist/rhel9/9/x86_64/supplementary/debug',\n 'content/dist/rhel9/9/x86_64/supplementary/os',\n 'content/dist/rhel9/9/x86_64/supplementary/source/SRPMS'\n ],\n 'pkgs': [\n {'reference':'osbuild-composer-76-2.el9_2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-core-76-2.el9_2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-dnf-json-76-2.el9_2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'osbuild-composer-worker-76-2.el9_2', 'release':'9', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'weldr-client-35.9-1.el9', 'release':'9', 'rpm_spec_vers_cmp':TRUE}\n ]\n }\n];\n\nvar applicable_repo_urls = rhel_determine_applicable_repository_urls(constraints:constraints);\nif(applicable_repo_urls == RHEL_REPOS_NO_OVERLAP_MESSAGE) exit(0, RHEL_REPO_NOT_ENABLED);\n\nvar flag = 0;\nforeach var constraint_array ( constraints ) {\n var repo_relative_urls = NULL;\n if (!empty_or_null(constraint_array['repo_relative_urls'])) repo_relative_urls = constraint_array['repo_relative_urls'];\n var enterprise_linux_flag = rhel_repo_urls_has_content_dist_rhel(repo_urls:repo_relative_urls);\n foreach var pkg ( constraint_array['pkgs'] ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(pkg['reference'])) reference = pkg['reference'];\n if (!empty_or_null(pkg['release'])) _release = 'RHEL' + pkg['release'];\n if (!empty_or_null(pkg['sp']) && !enterprise_linux_flag) sp = pkg['sp'];\n if (!empty_or_null(pkg['cpu'])) _cpu = pkg['cpu'];\n if (!empty_or_null(pkg['el_string'])) el_string = pkg['el_string'];\n if (!empty_or_null(pkg['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = pkg['rpm_spec_vers_cmp'];\n if (!empty_or_null(pkg['epoch'])) epoch = pkg['epoch'];\n if (!empty_or_null(pkg['allowmaj'])) allowmaj = pkg['allowmaj'];\n if (!empty_or_null(pkg['exists_check'])) exists_check = pkg['exists_check'];\n if (reference &&\n _release &&\n rhel_decide_repo_relative_url_check(required_repo_url_list:repo_relative_urls) &&\n (applicable_repo_urls || (!exists_check || rpm_exists(release:_release, rpm:exists_check))) &&\n rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(applicable_repo_urls)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'osbuild-composer / osbuild-composer-core / osbuild-composer-dnf-json / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:42:40", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-067 advisory.\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. (CVE-2022-2521)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-067)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2519", "CVE-2022-2520", "CVE-2022-2521", "CVE-2022-2868", "CVE-2022-2953"], "modified": "2023-04-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:libtiff", "p-cpe:/a:amazon:linux:libtiff-debuginfo", "p-cpe:/a:amazon:linux:libtiff-debugsource", "p-cpe:/a:amazon:linux:libtiff-devel", "p-cpe:/a:amazon:linux:libtiff-static", "p-cpe:/a:amazon:linux:libtiff-tools", "p-cpe:/a:amazon:linux:libtiff-tools-debuginfo", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-067.NASL", "href": "https://www.tenable.com/plugins/nessus/173112", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-067.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173112);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\n \"CVE-2022-2519\",\n \"CVE-2022-2520\",\n \"CVE-2022-2521\",\n \"CVE-2022-2868\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"Amazon Linux 2023 : libtiff, libtiff-devel, libtiff-static (ALAS2023-2023-067)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-067 advisory.\n\n - There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1\n (CVE-2022-2519)\n\n - A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at\n tiffcrop.c:8621 that can cause program crash when reading a crafted input. (CVE-2022-2520)\n\n - It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at\n tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while\n processing crafted input. (CVE-2022-2521)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-067.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2519.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2520.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2521.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2868.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-2953.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update libtiff --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2521\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/17\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff-static\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:libtiff-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'libtiff-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debuginfo-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debuginfo-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debuginfo-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debugsource-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debugsource-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-debugsource-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-devel-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-static-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-static-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-static-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.4', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.4', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'libtiff-tools-debuginfo-4.4.0-4.amzn2023.0.4', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff / libtiff-debuginfo / libtiff-debugsource / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:44", "description": "According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2022-2825)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2953"], "modified": "2022-12-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2825.NASL", "href": "https://www.tenable.com/plugins/nessus/169014", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169014);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/21\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2022-2825)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2825\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?eb1b67d2\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h16.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:54", "description": "According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-21T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2022-2850)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2953"], "modified": "2022-12-21T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2850.NASL", "href": "https://www.tenable.com/plugins/nessus/168983", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168983);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/21\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS 2.0 SP10 : libtiff (EulerOS-SA-2022-2850)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2850\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d47d4f52\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h16.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:37", "description": "According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-11T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : libtiff (EulerOS-SA-2023-1170)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2953"], "modified": "2023-01-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2023-1170.NASL", "href": "https://www.tenable.com/plugins/nessus/169857", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169857);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/11\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : libtiff (EulerOS-SA-2023-1170)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1170\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?50f680cf\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h16.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:50", "description": "According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2023-1149)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2056", "CVE-2022-2057", "CVE-2022-2058", "CVE-2022-2953"], "modified": "2023-01-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2023-1149.NASL", "href": "https://www.tenable.com/plugins/nessus/169743", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169743);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/10\");\n\n script_cve_id(\n \"CVE-2022-2056\",\n \"CVE-2022-2057\",\n \"CVE-2022-2058\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : libtiff (EulerOS-SA-2023-1149)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - Divide By Zero error in tiffcrop in libtiff 4.4.0 allows attackers to cause a denial-of-service via a\n crafted tiff file. For users that compile libtiff from sources, the fix is available with commit f3a5e010.\n (CVE-2022-2056, CVE-2022-2057, CVE-2022-2058)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1149\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ebfc6115\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2058\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/30\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h16.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:38:36", "description": "According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : golang (EulerOS-SA-2022-2795)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2879", "CVE-2022-2880", "CVE-2022-32189", "CVE-2022-41715"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:golang", "p-cpe:/a:huawei:euleros:golang-bin", "p-cpe:/a:huawei:euleros:golang-src", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2795.NASL", "href": "https://www.tenable.com/plugins/nessus/168514", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168514);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-32189\",\n \"CVE-2022-41715\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : golang (EulerOS-SA-2022-2795)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - A too-short encoded message can cause a panic in Float.GobDecode and Rat GobDecode in math/big in Go\n before 1.17.13 and 1.18.5, potentially allowing a denial of service. (CVE-2022-32189)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2795\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7eea316b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected golang packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:C/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2880\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/08/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"golang-1.11.2-17.h22.eulerosv2r8\",\n \"golang-bin-1.11.2-17.h22.eulerosv2r8\",\n \"golang-src-1.11.2-17.h22.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"golang\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:43:43", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-18908 advisory.\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir type provide access to a tree of files rooted at a given directory. These functions permit access to Windows device files under that root. For example, os.DirFS(C:/tmp).Open(COM1) opens the COM1 device.\n Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the drive and access any path on the system. With fix applied, the behavior of os.DirFS() has changed.\n Previously, an empty root was treated equivalently to /, so os.DirFS().Open(tmp) would open the path /tmp. This now returns an error. (CVE-2022-41720)\n\n - Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows.\n In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not properly checked for. A malicious environment variable value can exploit this behavior to set a value for a different environment variable. For example, the environment variable string A=B\\x00C=D sets the variables A=B and C=D. (CVE-2022-41716)\n\n - JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example, JoinPath(https://go.dev, ../go) returns the URL https://go.dev/../go, despite the JoinPath documentation stating that ../ path elements are removed from the result. (CVE-2022-32190)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection. (CVE-2022-41717)\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. The parsed regexp representation is linear in the size of the input, but in some cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular expressions whose representation would use more space than that are rejected. Normal use of regular expressions is unaffected. (CVE-2022-41715)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-07T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : ol8addon (ELSA-2023-18908)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-27664", "CVE-2022-2879", "CVE-2022-2880", "CVE-2022-32190", "CVE-2022-41715", "CVE-2022-41716", "CVE-2022-41717", "CVE-2022-41720"], "modified": "2023-03-07T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:delve", "p-cpe:/a:oracle:linux:go-toolset", "p-cpe:/a:oracle:linux:golang", "p-cpe:/a:oracle:linux:golang-bin", "p-cpe:/a:oracle:linux:golang-docs", "p-cpe:/a:oracle:linux:golang-misc", "p-cpe:/a:oracle:linux:golang-race", "p-cpe:/a:oracle:linux:golang-src", "p-cpe:/a:oracle:linux:golang-tests"], "id": "ORACLELINUX_ELSA-2023-18908.NASL", "href": "https://www.tenable.com/plugins/nessus/172239", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-18908.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(172239);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/07\");\n\n script_cve_id(\n \"CVE-2022-2879\",\n \"CVE-2022-2880\",\n \"CVE-2022-27664\",\n \"CVE-2022-32190\",\n \"CVE-2022-41715\",\n \"CVE-2022-41716\",\n \"CVE-2022-41717\",\n \"CVE-2022-41720\"\n );\n script_xref(name:\"IAVB\", value:\"2022-B-0042-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0059-S\");\n script_xref(name:\"IAVB\", value:\"2022-B-0046-S\");\n\n script_name(english:\"Oracle Linux 8 : ol8addon (ELSA-2023-18908)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2023-18908 advisory.\n\n - Reader.Read does not set a limit on the maximum size of file headers. A maliciously crafted archive could\n cause Read to allocate unbounded amounts of memory, potentially causing resource exhaustion or panics.\n After fix, Reader.Read limits the maximum size of header blocks to 1 MiB. (CVE-2022-2879)\n\n - On Windows, restricted files can be accessed via os.DirFS and http.Dir. The os.DirFS function and http.Dir\n type provide access to a tree of files rooted at a given directory. These functions permit access to\n Windows device files under that root. For example, os.DirFS(C:/tmp).Open(COM1) opens the COM1 device.\n Both os.DirFS and http.Dir only provide read-only filesystem access. In addition, on Windows, an os.DirFS\n for the directory (the root of the current drive) can permit a maliciously crafted path to escape from the\n drive and access any path on the system. With fix applied, the behavior of os.DirFS() has changed.\n Previously, an empty root was treated equivalently to /, so os.DirFS().Open(tmp) would open the path\n /tmp. This now returns an error. (CVE-2022-41720)\n\n - Due to unsanitized NUL values, attackers may be able to maliciously set environment variables on Windows.\n In syscall.StartProcess and os/exec.Cmd, invalid environment variable values containing NUL values are not\n properly checked for. A malicious environment variable value can exploit this behavior to set a value for\n a different environment variable. For example, the environment variable string A=B\\x00C=D sets the\n variables A=B and C=D. (CVE-2022-41716)\n\n - JoinPath and URL.JoinPath do not remove ../ path elements appended to a relative path. For example,\n JoinPath(https://go.dev, ../go) returns the URL https://go.dev/../go, despite the JoinPath\n documentation stating that ../ path elements are removed from the result. (CVE-2022-32190)\n\n - Requests forwarded by ReverseProxy include the raw query parameters from the inbound request, including\n unparseable parameters rejected by net/http. This could permit query parameter smuggling when a Go proxy\n forwards a parameter with an unparseable value. After fix, ReverseProxy sanitizes the query parameters in\n the forwarded query when the outbound request's Form field is set after the ReverseProxy. Director\n function returns, indicating that the proxy has parsed the query parameters. Proxies which do not parse\n query parameters continue to forward the original query parameters unchanged. (CVE-2022-2880)\n\n - An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server\n connections contain a cache of HTTP header keys sent by the client. While the total number of entries in\n this cache is capped, an attacker sending very large keys can cause the server to allocate approximately\n 64 MiB per open connection. (CVE-2022-41717)\n\n - In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because\n an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. (CVE-2022-27664)\n\n - Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion\n or denial of service. The parsed regexp representation is linear in the size of the input, but in some\n cases the constant factor can be as high as 40,000, making relatively small regexps consume much larger\n amounts of memory. After fix, each regexp being parsed is limited to a 256 MB memory footprint. Regular\n expressions whose representation would use more space than that are rejected. Normal use of regular\n expressions is unaffected. (CVE-2022-41715)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-18908.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-41720\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/09/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:delve\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:go-toolset\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-docs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-misc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-race\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-src\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:golang-tests\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'delve-1.9.1-1.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'delve-1.9.1-1.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.19.4-1.module+el8.7.0+20922+47ac84ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'go-toolset-1.19.4-1.module+el8.7.0+20922+47ac84ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-bin-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-docs-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-misc-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-race-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-src-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'golang-tests-1.19.4-2.0.1.module+el8.7.0+20922+47ac84ba', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'delve / go-toolset / golang / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:37:42", "description": "According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-11-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : libtiff (EulerOS-SA-2022-2735)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2735.NASL", "href": "https://www.tenable.com/plugins/nessus/167414", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167414);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : libtiff (EulerOS-SA-2022-2735)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2735\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?0fbeac8e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2953\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h1.r10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:41", "description": "According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-11-14T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : libtiff (EulerOS-SA-2022-2770)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-03-22T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2770.NASL", "href": "https://www.tenable.com/plugins/nessus/167358", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(167358);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/22\");\n\n script_cve_id(\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS 2.0 SP9 : libtiff (EulerOS-SA-2022-2770)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by\nthe following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2770\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?b9572899\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2953\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h1.r10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:05", "description": "According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-11T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : libtiff (EulerOS-SA-2023-1196)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-01-11T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2023-1196.NASL", "href": "https://www.tenable.com/plugins/nessus/169827", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169827);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/11\");\n\n script_cve_id(\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : libtiff (EulerOS-SA-2023-1196)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1196\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?7b808b86\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2953\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/11\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h1.r10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:22", "description": "According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-10T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : libtiff (EulerOS-SA-2023-1226)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-01-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:libtiff", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2023-1226.NASL", "href": "https://www.tenable.com/plugins/nessus/169731", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169731);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/10\");\n\n script_cve_id(\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : libtiff (EulerOS-SA-2023-1226)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the libtiff package installed, the EulerOS Virtualization installation on the remote host\nis affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1226\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?dbadf6d7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected libtiff packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2953\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:libtiff\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"libtiff-4.1.0-1.h1.r10.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libtiff\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:44:04", "description": "According to the versions of the compat-libtiff3 package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-03-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : compat-libtiff3 (EulerOS-SA-2023-1494)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-2867", "CVE-2022-2868", "CVE-2022-2869", "CVE-2022-2953"], "modified": "2023-03-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:compat-libtiff3", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1494.NASL", "href": "https://www.tenable.com/plugins/nessus/172268", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(172268);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/08\");\n\n script_cve_id(\n \"CVE-2022-2867\",\n \"CVE-2022-2868\",\n \"CVE-2022-2869\",\n \"CVE-2022-2953\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : compat-libtiff3 (EulerOS-SA-2023-1494)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the compat-libtiff3 package installed, the EulerOS installation on the remote host is\naffected by the following vulnerabilities :\n\n - libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An\n attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with\n certain parameters) could cause a crash or in some cases, further exploitation. (CVE-2022-2867)\n\n - libtiff's tiffcrop utility has a improper input validation flaw that can lead to out of bounds read and\n ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop. (CVE-2022-2868)\n\n - libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the\n extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this\n flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw\n could cause a crash or potentially further exploitation. (CVE-2022-2869)\n\n - LibTIFF 4.4.0 has an out-of-bounds read in extractImageSection in tools/tiffcrop.c:6905, allowing\n attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from\n sources, the fix is available with commit 48d6ece8. (CVE-2022-2953)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1494\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?5c032c1b\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected compat-libtiff3 packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-2953\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/06/28\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:compat-libtiff3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"compat-libtiff3-3.9.4-11.h32.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"compat-libtiff3\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:47", "description": "The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-0096 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-12T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : dbus (ELSA-2023-0096)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-12T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:dbus", "p-cpe:/a:oracle:linux:dbus-common", "p-cpe:/a:oracle:linux:dbus-daemon", "p-cpe:/a:oracle:linux:dbus-devel", "p-cpe:/a:oracle:linux:dbus-libs", "p-cpe:/a:oracle:linux:dbus-tools", "p-cpe:/a:oracle:linux:dbus-x11"], "id": "ORACLELINUX_ELSA-2023-0096.NASL", "href": "https://www.tenable.com/plugins/nessus/169995", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2023-0096.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169995);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/12\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Oracle Linux 8 : dbus (ELSA-2023-0096)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nELSA-2023-0096 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2023-0096.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:dbus-x11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_release = get_kb_item(\"Host/RedHat/release\");\nif (isnull(os_release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:os_release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nvar os_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nvar pkgs = [\n {'reference':'dbus-1.12.8-23.0.1.el8_7.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-1.12.8-23.0.1.el8_7.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-common-1.12.8-23.0.1.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-daemon-1.12.8-23.0.1.el8_7.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-daemon-1.12.8-23.0.1.el8_7.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-devel-1.12.8-23.0.1.el8_7.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-devel-1.12.8-23.0.1.el8_7.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-devel-1.12.8-23.0.1.el8_7.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-libs-1.12.8-23.0.1.el8_7.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-libs-1.12.8-23.0.1.el8_7.1', 'cpu':'i686', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-libs-1.12.8-23.0.1.el8_7.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-tools-1.12.8-23.0.1.el8_7.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-tools-1.12.8-23.0.1.el8_7.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-x11-1.12.8-23.0.1.el8_7.1', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-x11-1.12.8-23.0.1.el8_7.1', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release) {\n if (exists_check) {\n if (rpm_exists(release:_release, rpm:exists_check) && rpm_check(release:_release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n } else {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus / dbus-common / dbus-daemon / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:08", "description": "The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0096 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-13T00:00:00", "type": "nessus", "title": "AlmaLinux 8 : dbus (ALSA-2023:0096)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-13T00:00:00", "cpe": ["p-cpe:/a:alma:linux:dbus", "p-cpe:/a:alma:linux:dbus-common", "p-cpe:/a:alma:linux:dbus-daemon", "p-cpe:/a:alma:linux:dbus-devel", "p-cpe:/a:alma:linux:dbus-libs", "p-cpe:/a:alma:linux:dbus-tools", "p-cpe:/a:alma:linux:dbus-x11", "cpe:/o:alma:linux:8", "cpe:/o:alma:linux:8::appstream", "cpe:/o:alma:linux:8::baseos"], "id": "ALMA_LINUX_ALSA-2023-0096.NASL", "href": "https://www.tenable.com/plugins/nessus/170028", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0096.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170028);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/13\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"ALSA\", value:\"2023:0096\");\n\n script_name(english:\"AlmaLinux 8 : dbus (ALSA-2023:0096)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2023:0096 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/8/ALSA-2023-0096.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:8::baseos\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 8.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'dbus-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-common-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-daemon-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-devel-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-libs-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-tools-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-x11-1.12.8-23.el8_7.1', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus / dbus-common / dbus-daemon / dbus-devel / dbus-libs / dbus-tools / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:35", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-05T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP11 : dbus (EulerOS-SA-2023-1031)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-05T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1031.NASL", "href": "https://www.tenable.com/plugins/nessus/169549", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169549);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/05\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP11 : dbus (EulerOS-SA-2023-1031)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1031\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?f48ba881\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP11\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(11)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP11\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP11\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.20-6.h8.eulerosv2r11\",\n \"dbus-common-1.12.20-6.h8.eulerosv2r11\",\n \"dbus-daemon-1.12.20-6.h8.eulerosv2r11\",\n \"dbus-libs-1.12.20-6.h8.eulerosv2r11\",\n \"dbus-tools-1.12.20-6.h8.eulerosv2r11\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"11\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:20", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : dbus (EulerOS-SA-2023-1120)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1120.NASL", "href": "https://www.tenable.com/plugins/nessus/169645", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169645);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/06\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP9 : dbus (EulerOS-SA-2023-1120)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1120\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?d5bcb156\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-common-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-daemon-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-libs-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-tools-1.12.16-13.h7.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:21", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-01-06T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP9 : dbus (EulerOS-SA-2023-1096)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-06T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1096.NASL", "href": "https://www.tenable.com/plugins/nessus/169662", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169662);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/06\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP9 : dbus (EulerOS-SA-2023-1096)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1096\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8a378d42\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(9)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP9\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-common-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-daemon-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-libs-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-tools-1.12.16-13.h7.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"9\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:52", "description": "The version of dbus installed on the remote host is prior to 1.12.24-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-260 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-04T00:00:00", "type": "nessus", "title": "Amazon Linux 2022 : dbus (ALAS2022-2022-260)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-04T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:dbus", "p-cpe:/a:amazon:linux:dbus-common", "p-cpe:/a:amazon:linux:dbus-daemon", "p-cpe:/a:amazon:linux:dbus-daemon-debuginfo", "p-cpe:/a:amazon:linux:dbus-debuginfo", "p-cpe:/a:amazon:linux:dbus-debugsource", "p-cpe:/a:amazon:linux:dbus-devel", "p-cpe:/a:amazon:linux:dbus-doc", "p-cpe:/a:amazon:linux:dbus-libs", "p-cpe:/a:amazon:linux:dbus-libs-debuginfo", "p-cpe:/a:amazon:linux:dbus-tests", "p-cpe:/a:amazon:linux:dbus-tests-debuginfo", "p-cpe:/a:amazon:linux:dbus-tools", "p-cpe:/a:amazon:linux:dbus-tools-debuginfo", "p-cpe:/a:amazon:linux:dbus-x11", "p-cpe:/a:amazon:linux:dbus-x11-debuginfo", "cpe:/o:amazon:linux:2022"], "id": "AL2022_ALAS2022-2022-260.NASL", "href": "https://www.tenable.com/plugins/nessus/169514", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2022 Security Advisory ALAS2022-2022-260.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169514);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/04\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Amazon Linux 2022 : dbus (ALAS2022-2022-260)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2022 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dbus installed on the remote host is prior to 1.12.24-1. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2022-2022-260 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2022/ALAS-2022-260.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42010.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42011.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42012.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update dbus' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/04\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2022\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2022\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2022\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'dbus-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-common-1.12.24-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debugsource-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debugsource-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debugsource-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-doc-1.12.24-1.amzn2022.0.1', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'aarch64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'i686', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-debuginfo-1.12.24-1.amzn2022.0.1', 'cpu':'x86_64', 'release':'AL-2022', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus / dbus-common / dbus-daemon / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:38:36", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2022-12-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP8 : dbus (EulerOS-SA-2022-2791)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2022-12-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-devel", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "p-cpe:/a:huawei:euleros:dbus-x11", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2022-2791.NASL", "href": "https://www.tenable.com/plugins/nessus/168523", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168523);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/08\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP8 : dbus (EulerOS-SA-2022-2791)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2791\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e4ef6224\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.10-1.h10.eulerosv2r8\",\n \"dbus-common-1.12.10-1.h10.eulerosv2r8\",\n \"dbus-daemon-1.12.10-1.h10.eulerosv2r8\",\n \"dbus-devel-1.12.10-1.h10.eulerosv2r8\",\n \"dbus-libs-1.12.10-1.h10.eulerosv2r8\",\n \"dbus-tools-1.12.10-1.h10.eulerosv2r8\",\n \"dbus-x11-1.12.10-1.h10.eulerosv2r8\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:33", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3805-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-28T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dbus-1 (SUSE-SU-2022:3805-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:dbus-1", "p-cpe:/a:novell:suse_linux:dbus-1-devel", "p-cpe:/a:novell:suse_linux:dbus-1-x11", "p-cpe:/a:novell:suse_linux:libdbus-1-3", "p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-3805-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166695", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3805-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166695);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3805-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dbus-1 (SUSE-SU-2022:3805-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:3805-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1087072\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204113\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-October/012727.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?58e33638\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42012\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.3)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP3\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2|3)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2/3\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.1', 'SLES_SAP-release-15.1', 'SLE_HPC-ESPOS-release-1']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_BCL-release-15.2', 'SLES_SAP-release-15.2', 'SLE_HPC-ESPOS-release-2']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.3', 'SLE_HPC-release-15.3', 'sle-module-basesystem-release-15.3', 'sled-release-15.3', 'sles-release-15.3']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-1']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-ESPOS-release-2']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'sp':'1', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.1', 'sles-ltss-release-15.1']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'aarch64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'sp':'2', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLE_HPC-LTSS-release-15.2', 'sles-ltss-release-15.2']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dbus-1-devel-32bit-1.12.2-150100.8.14.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dbus-1-devel-doc-1.12.2-150100.8.14.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150100.8.14.1', 'cpu':'x86_64', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.3']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'1', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.1']},\n {'reference':'dbus-1-1.12.2-150100.8.14.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'dbus-1-devel-1.12.2-150100.8.14.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'dbus-1-x11-1.12.2-150100.8.14.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']},\n {'reference':'libdbus-1-3-1.12.2-150100.8.14.1', 'sp':'2', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-ltss-release-15.2']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus-1 / dbus-1-devel / dbus-1-devel-32bit / dbus-1-devel-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:32", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3804-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-28T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : dbus-1 (SUSE-SU-2022:3804-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:dbus-1", "p-cpe:/a:novell:suse_linux:dbus-1-x11", "p-cpe:/a:novell:suse_linux:libdbus-1-3", "p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-3804-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166689", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3804-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166689);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3804-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : dbus-1 (SUSE-SU-2022:3804-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:3804-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1087072\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204113\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-October/012728.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?46deee79\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42012\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus-1, dbus-1-x11, libdbus-1-3 and / or libdbus-1-3-32bit packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(3|4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP3/4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'dbus-1-1.8.22-29.24.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'dbus-1-x11-1.8.22-29.24.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libdbus-1-3-1.8.22-29.24.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'libdbus-1-3-32bit-1.8.22-29.24.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.4']},\n {'reference':'dbus-1-1.8.22-29.24.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'dbus-1-x11-1.8.22-29.24.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'libdbus-1-3-1.8.22-29.24.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'libdbus-1-3-32bit-1.8.22-29.24.1', 'sp':'3', 'cpu':'x86_64', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-bcl-release-12.3']},\n {'reference':'dbus-1-1.8.22-29.24.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'dbus-1-x11-1.8.22-29.24.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libdbus-1-3-1.8.22-29.24.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']},\n {'reference':'libdbus-1-3-32bit-1.8.22-29.24.1', 'sp':'4', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['sles-release-12.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n if ('ltss' >< tolower(check)) ltss_caveat_required = TRUE;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n var ltss_plugin_caveat = NULL;\n if(ltss_caveat_required) ltss_plugin_caveat = '\\n' +\n 'NOTE: This vulnerability check contains fixes that apply to\\n' +\n 'packages only available in SUSE Enterprise Linux Server LTSS\\n' +\n 'repositories. Access to these package security updates require\\n' +\n 'a paid SUSE LTSS subscription.\\n';\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + ltss_plugin_caveat\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus-1 / dbus-1-x11 / libdbus-1-3 / libdbus-1-3-32bit');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:50", "description": "The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3806-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-28T00:00:00", "type": "nessus", "title": "SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dbus-1 (SUSE-SU-2022:3806-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-02-08T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:dbus-1", "p-cpe:/a:novell:suse_linux:dbus-1-devel", "p-cpe:/a:novell:suse_linux:dbus-1-x11", "p-cpe:/a:novell:suse_linux:libdbus-1-3", "p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-3806-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166687", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:3806-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166687);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/08\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:3806-1\");\n\n script_name(english:\"SUSE SLED15 / SLES15 / openSUSE 15 Security Update : dbus-1 (SUSE-SU-2022:3806-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLED15 / SLES15 / openSUSE 15 host has packages installed that are affected by multiple\nvulnerabilities as referenced in the SUSE-SU-2022:3806-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1087072\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204113\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-October/012729.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?778e2a3f\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42012\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/28\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES|SUSE)\") audit(AUDIT_OS_NOT, \"SUSE / openSUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+|SUSE([\\d.]+))\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE / openSUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED15|SLES15|SUSE15\\.4)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLED15 / SLES15 / openSUSE 15', 'SUSE / openSUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE / openSUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLED15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLED15 SP4\", os_ver + \" SP\" + service_pack);\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(4)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES15 SP4\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'dbus-1-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'dbus-1-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'dbus-1-devel-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'dbus-1-devel-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'dbus-1-x11-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'dbus-1-x11-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libdbus-1-3-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libdbus-1-3-1.12.2-150400.18.5.1', 'sp':'4', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150400.18.5.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLED15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150400.18.5.1', 'sp':'4', 'cpu':'x86_64', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-15.4', 'SLE_HPC-release-15.4', 'sle-module-basesystem-release-15.4', 'sled-release-15.4', 'sles-release-15.4']},\n {'reference':'dbus-1-1.12.2-150400.18.5.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'dbus-1-devel-1.12.2-150400.18.5.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'dbus-1-devel-32bit-1.12.2-150400.18.5.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'dbus-1-devel-doc-1.12.2-150400.18.5.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'dbus-1-x11-1.12.2-150400.18.5.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'libdbus-1-3-1.12.2-150400.18.5.1', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']},\n {'reference':'libdbus-1-3-32bit-1.12.2-150400.18.5.1', 'cpu':'x86_64', 'release':'SUSE15.4', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['openSUSE-release-15.4']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus-1 / dbus-1-devel / dbus-1-devel-32bit / dbus-1-devel-doc / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:36:49", "description": "The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5704-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-27T00:00:00", "type": "nessus", "title": "Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 : DBus vulnerabilities (USN-5704-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-17T00:00:00", "cpe": ["cpe:/o:canonical:ubuntu_linux:16.04:-:esm", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "cpe:/o:canonical:ubuntu_linux:20.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.04:-:lts", "cpe:/o:canonical:ubuntu_linux:22.10", "p-cpe:/a:canonical:ubuntu_linux:dbus", "p-cpe:/a:canonical:ubuntu_linux:dbus-bin", "p-cpe:/a:canonical:ubuntu_linux:dbus-daemon", "p-cpe:/a:canonical:ubuntu_linux:dbus-session-bus-common", "p-cpe:/a:canonical:ubuntu_linux:dbus-system-bus-common", "p-cpe:/a:canonical:ubuntu_linux:dbus-tests", "p-cpe:/a:canonical:ubuntu_linux:dbus-user-session", "p-cpe:/a:canonical:ubuntu_linux:dbus-x11", "p-cpe:/a:canonical:ubuntu_linux:libdbus-1-3", "p-cpe:/a:canonical:ubuntu_linux:libdbus-1-dev"], "id": "UBUNTU_USN-5704-1.NASL", "href": "https://www.tenable.com/plugins/nessus/166619", "sourceData": "##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-5704-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <https://ubuntu.com/security/notices>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(166619);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/17\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"USN\", value:\"5704-1\");\n\n script_name(english:\"Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS / 22.10 : DBus vulnerabilities (USN-5704-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 16.04 ESM / 18.04 LTS / 20.04 LTS / 22.04 LTS host has packages installed that are affected by\nmultiple vulnerabilities as referenced in the USN-5704-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-5704-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:16.04:-:esm\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:20.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:22.10\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-bin\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-session-bus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-system-bus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-user-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libdbus-1-dev\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2022-2023 Canonical, Inc. / NASL script (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/Ubuntu/release');\nif ( isnull(os_release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nos_release = chomp(os_release);\nif (! preg(pattern:\"^(16\\.04|18\\.04|20\\.04|22\\.04|22\\.10)$\", string:os_release)) audit(AUDIT_OS_NOT, 'Ubuntu 16.04 / 18.04 / 20.04 / 22.04 / 22.10', 'Ubuntu ' + os_release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\nvar pkgs = [\n {'osver': '16.04', 'pkgname': 'dbus', 'pkgver': '1.10.6-1ubuntu3.6+esm2'},\n {'osver': '16.04', 'pkgname': 'dbus-tests', 'pkgver': '1.10.6-1ubuntu3.6+esm2'},\n {'osver': '16.04', 'pkgname': 'dbus-user-session', 'pkgver': '1.10.6-1ubuntu3.6+esm2'},\n {'osver': '16.04', 'pkgname': 'dbus-x11', 'pkgver': '1.10.6-1ubuntu3.6+esm2'},\n {'osver': '16.04', 'pkgname': 'libdbus-1-3', 'pkgver': '1.10.6-1ubuntu3.6+esm2'},\n {'osver': '16.04', 'pkgname': 'libdbus-1-dev', 'pkgver': '1.10.6-1ubuntu3.6+esm2'},\n {'osver': '18.04', 'pkgname': 'dbus', 'pkgver': '1.12.2-1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'dbus-tests', 'pkgver': '1.12.2-1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'dbus-user-session', 'pkgver': '1.12.2-1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'dbus-x11', 'pkgver': '1.12.2-1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'libdbus-1-3', 'pkgver': '1.12.2-1ubuntu1.4'},\n {'osver': '18.04', 'pkgname': 'libdbus-1-dev', 'pkgver': '1.12.2-1ubuntu1.4'},\n {'osver': '20.04', 'pkgname': 'dbus', 'pkgver': '1.12.16-2ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'dbus-tests', 'pkgver': '1.12.16-2ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'dbus-user-session', 'pkgver': '1.12.16-2ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'dbus-x11', 'pkgver': '1.12.16-2ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'libdbus-1-3', 'pkgver': '1.12.16-2ubuntu2.3'},\n {'osver': '20.04', 'pkgname': 'libdbus-1-dev', 'pkgver': '1.12.16-2ubuntu2.3'},\n {'osver': '22.04', 'pkgname': 'dbus', 'pkgver': '1.12.20-2ubuntu4.1'},\n {'osver': '22.04', 'pkgname': 'dbus-tests', 'pkgver': '1.12.20-2ubuntu4.1'},\n {'osver': '22.04', 'pkgname': 'dbus-user-session', 'pkgver': '1.12.20-2ubuntu4.1'},\n {'osver': '22.04', 'pkgname': 'dbus-x11', 'pkgver': '1.12.20-2ubuntu4.1'},\n {'osver': '22.04', 'pkgname': 'libdbus-1-3', 'pkgver': '1.12.20-2ubuntu4.1'},\n {'osver': '22.04', 'pkgname': 'libdbus-1-dev', 'pkgver': '1.12.20-2ubuntu4.1'},\n {'osver': '22.10', 'pkgname': 'dbus', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-bin', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-daemon', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-session-bus-common', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-system-bus-common', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-tests', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-user-session', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'dbus-x11', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'libdbus-1-3', 'pkgver': '1.14.0-2ubuntu3'},\n {'osver': '22.10', 'pkgname': 'libdbus-1-dev', 'pkgver': '1.14.0-2ubuntu3'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var osver = NULL;\n var pkgname = NULL;\n var pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus / dbus-bin / dbus-daemon / dbus-session-bus-common / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:35:09", "description": "The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5250 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-07T00:00:00", "type": "nessus", "title": "Debian DSA-5250-1 : dbus - security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-03-21T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dbus", "p-cpe:/a:debian:debian_linux:dbus-1-doc", "p-cpe:/a:debian:debian_linux:dbus-tests", "p-cpe:/a:debian:debian_linux:dbus-udeb", "p-cpe:/a:debian:debian_linux:dbus-user-session", "p-cpe:/a:debian:debian_linux:dbus-x11", "p-cpe:/a:debian:debian_linux:libdbus-1-3", "p-cpe:/a:debian:debian_linux:libdbus-1-3-udeb", "p-cpe:/a:debian:debian_linux:libdbus-1-dev", "cpe:/o:debian:debian_linux:11.0"], "id": "DEBIAN_DSA-5250.NASL", "href": "https://www.tenable.com/plugins/nessus/165747", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dsa-5250. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165747);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/21\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Debian DSA-5250-1 : dbus - security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndsa-5250 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1004543\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/dbus\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/security/2022/dsa-5250\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/bullseye/dbus\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the dbus packages.\n\nFor the stable distribution (bullseye), these problems have been fixed in version 1.12.24-0+deb11u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-user-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdbus-1-3-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdbus-1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:11.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(11)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 11.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '11.0', 'prefix': 'dbus', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'dbus-1-doc', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'dbus-tests', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'dbus-udeb', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'dbus-user-session', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'dbus-x11', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'libdbus-1-3', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'libdbus-1-3-udeb', 'reference': '1.12.24-0+deb11u1'},\n {'release': '11.0', 'prefix': 'libdbus-1-dev', 'reference': '1.12.24-0+deb11u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus / dbus-1-doc / dbus-tests / dbus-udeb / dbus-user-session / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:35:37", "description": "The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3142 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-10-10T00:00:00", "type": "nessus", "title": "Debian DLA-3142-1 : dbus - LTS security update", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2022-11-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:dbus", "p-cpe:/a:debian:debian_linux:dbus-1-doc", "p-cpe:/a:debian:debian_linux:dbus-tests", "p-cpe:/a:debian:debian_linux:dbus-udeb", "p-cpe:/a:debian:debian_linux:dbus-user-session", "p-cpe:/a:debian:debian_linux:dbus-x11", "p-cpe:/a:debian:debian_linux:libdbus-1-3", "p-cpe:/a:debian:debian_linux:libdbus-1-3-udeb", "p-cpe:/a:debian:debian_linux:libdbus-1-dev", "cpe:/o:debian:debian_linux:10.0"], "id": "DEBIAN_DLA-3142.NASL", "href": "https://www.tenable.com/plugins/nessus/165983", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory dla-3142. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(165983);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/11/29\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Debian DLA-3142-1 : dbus - LTS security update\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Debian host is missing one or more security-related updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the\ndla-3142 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/source-package/dbus\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.debian.org/lts/security/2022/dla-3142\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security-tracker.debian.org/tracker/CVE-2022-42012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://packages.debian.org/source/buster/dbus\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade the dbus packages.\n\nFor Debian 10 buster, these problems have been fixed in version 1.12.24-0+deb10u1.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/10\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/10/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-1-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-user-session\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdbus-1-3-udeb\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libdbus-1-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Debian Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('debian_package.inc');\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar release = get_kb_item('Host/Debian/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Debian');\nvar release = chomp(release);\nif (! preg(pattern:\"^(10)\\.[0-9]+\", string:release)) audit(AUDIT_OS_NOT, 'Debian 10.0', 'Debian ' + release);\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Debian', cpu);\n\nvar pkgs = [\n {'release': '10.0', 'prefix': 'dbus', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'dbus-1-doc', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'dbus-tests', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'dbus-udeb', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'dbus-user-session', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'dbus-x11', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'libdbus-1-3', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'libdbus-1-3-udeb', 'reference': '1.12.24-0+deb10u1'},\n {'release': '10.0', 'prefix': 'libdbus-1-dev', 'reference': '1.12.24-0+deb10u1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var release = NULL;\n var prefix = NULL;\n var reference = NULL;\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['prefix'])) prefix = package_array['prefix'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (release && prefix && reference) {\n if (deb_check(release:release, prefix:prefix, reference:reference)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : deb_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = deb_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus / dbus-1-doc / dbus-tests / dbus-udeb / dbus-user-session / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:17", "description": "The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:4295-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-11-30T00:00:00", "type": "nessus", "title": "SUSE SLES12 Security Update : dbus-1 (SUSE-SU-2022:4295-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:dbus-1", "p-cpe:/a:novell:suse_linux:dbus-1-devel", "p-cpe:/a:novell:suse_linux:dbus-1-devel-doc", "p-cpe:/a:novell:suse_linux:dbus-1-x11", "p-cpe:/a:novell:suse_linux:libdbus-1-3", "p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit", "cpe:/o:novell:suse_linux:12"], "id": "SUSE_SU-2022-4295-1.NASL", "href": "https://www.tenable.com/plugins/nessus/168286", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:4295-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168286);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/10\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:4295-1\");\n\n script_name(english:\"SUSE SLES12 Security Update : dbus-1 (SUSE-SU-2022:4295-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:4295-1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1087072\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204111\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204112\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1204113\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-November/013162.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?64103cf2\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2022-42012\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/11/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-devel-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dbus-1-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdbus-1-3-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(os_release) || os_release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES12', 'SUSE (' + os_ver + ')');\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE (' + os_ver + ')', cpu);\n\nvar service_pack = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(service_pack)) service_pack = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:service_pack))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + service_pack);\n\nvar pkgs = [\n {'reference':'dbus-1-1.8.22-38.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'dbus-1-devel-1.8.22-38.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'dbus-1-devel-doc-1.8.22-38.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sle-sdk-release-12.5', 'sles-release-12.5']},\n {'reference':'dbus-1-x11-1.8.22-38.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'libdbus-1-3-1.8.22-38.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']},\n {'reference':'libdbus-1-3-32bit-1.8.22-38.1', 'sp':'5', 'release':'SLES12', 'rpm_spec_vers_cmp':TRUE, 'exists_check':['SLES_SAP-release-12.5', 'sles-release-12.5']}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && _release) {\n if (exists_check) {\n var check_flag = 0;\n foreach var check (exists_check) {\n if (!rpm_exists(release:_release, rpm:check)) continue;\n check_flag++;\n }\n if (!check_flag) continue;\n }\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus-1 / dbus-1-devel / dbus-1-devel-doc / dbus-1-x11 / libdbus-1-3 / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:46:38", "description": "According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-05-16T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.1 : dbus (EulerOS-SA-2023-1885)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-05-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:uvp:2.10.1"], "id": "EULEROS_SA-2023-1885.NASL", "href": "https://www.tenable.com/plugins/nessus/175776", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175776);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/16\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS Virtualization 2.10.1 : dbus (EulerOS-SA-2023-1885)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1885\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?6b90a43f\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-common-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-daemon-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-libs-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-tools-1.12.16-15.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:41:26", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-02-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : dbus (EulerOS-SA-2023-1380)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-02-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1380.NASL", "href": "https://www.tenable.com/plugins/nessus/171310", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171310);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/10\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP10 : dbus (EulerOS-SA-2023-1380)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1380\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?92df36a3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-common-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-daemon-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-libs-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-tools-1.12.16-15.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:42:22", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-02-10T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP10 : dbus (EulerOS-SA-2023-1352)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-02-10T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1352.NASL", "href": "https://www.tenable.com/plugins/nessus/171319", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(171319);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/02/10\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP10 : dbus (EulerOS-SA-2023-1352)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1352\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?42655050\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/02/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(10)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP10\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-common-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-daemon-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-libs-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-tools-1.12.16-15.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"10\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:48:14", "description": "According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-04-27T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.1 : dbus (EulerOS-SA-2023-1621)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:uvp:2.9.1"], "id": "EULEROS_SA-2023-1621.NASL", "href": "https://www.tenable.com/plugins/nessus/174847", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174847);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/27\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS Virtualization 2.9.1 : dbus (EulerOS-SA-2023-1621)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1621\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?29720d4e\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.1\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.1\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.1\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-common-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-daemon-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-libs-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-tools-1.12.16-13.h7.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:44:20", "description": "According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-03-08T00:00:00", "type": "nessus", "title": "EulerOS 2.0 SP5 : dbus (EulerOS-SA-2023-1497)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-03-08T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-devel", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-x11", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2023-1497.NASL", "href": "https://www.tenable.com/plugins/nessus/172287", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(172287);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/03/08\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS 2.0 SP5 : dbus (EulerOS-SA-2023-1497)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS installation on the remote host is affected by the\nfollowing vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1497\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?83260137\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/08\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (_release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nvar sp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.10.24-7.h13.eulerosv2r7\",\n \"dbus-devel-1.10.24-7.h13.eulerosv2r7\",\n \"dbus-libs-1.10.24-7.h13.eulerosv2r7\",\n \"dbus-x11-1.10.24-7.h13.eulerosv2r7\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:46:00", "description": "The version of dbus installed on the remote host is prior to 1.10.24-7. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2006 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-05T00:00:00", "type": "nessus", "title": "Amazon Linux 2 : dbus (ALAS-2023-2006)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-04-19T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:dbus", "p-cpe:/a:amazon:linux:dbus-debuginfo", "p-cpe:/a:amazon:linux:dbus-devel", "p-cpe:/a:amazon:linux:dbus-doc", "p-cpe:/a:amazon:linux:dbus-libs", "p-cpe:/a:amazon:linux:dbus-tests", "p-cpe:/a:amazon:linux:dbus-x11", "cpe:/o:amazon:linux:2"], "id": "AL2_ALAS-2023-2006.NASL", "href": "https://www.tenable.com/plugins/nessus/173909", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2 Security Advisory ALAS-2023-2006.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173909);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/19\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Amazon Linux 2 : dbus (ALAS-2023-2006)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dbus installed on the remote host is prior to 1.10.24-7. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS2-2023-2006 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2/ALAS-2023-2006.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42010.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42011.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42012.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update dbus' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/03/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/05\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"2\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'dbus-1.10.24-7.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.10.24-7.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.10.24-7.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.10.24-7.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.10.24-7.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.10.24-7.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.10.24-7.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.10.24-7.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.10.24-7.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-doc-1.10.24-7.amzn2.0.3', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.10.24-7.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.10.24-7.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.10.24-7.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.10.24-7.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.10.24-7.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.10.24-7.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.10.24-7.amzn2.0.3', 'cpu':'aarch64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.10.24-7.amzn2.0.3', 'cpu':'i686', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.10.24-7.amzn2.0.3', 'cpu':'x86_64', 'release':'AL2', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus / dbus-debuginfo / dbus-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:48:06", "description": "The version of dbus installed on the remote host is prior to 1.6.12-14.31. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1730 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-04-21T00:00:00", "type": "nessus", "title": "Amazon Linux AMI : dbus (ALAS-2023-1730)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-04-24T00:00:00", "cpe": ["cpe:/o:amazon:linux", "p-cpe:/a:amazon:linux:dbus", "p-cpe:/a:amazon:linux:dbus-debuginfo", "p-cpe:/a:amazon:linux:dbus-devel", "p-cpe:/a:amazon:linux:dbus-doc", "p-cpe:/a:amazon:linux:dbus-libs"], "id": "ALA_ALAS-2023-1730.NASL", "href": "https://www.tenable.com/plugins/nessus/174618", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2023-1730.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174618);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/24\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Amazon Linux AMI : dbus (ALAS-2023-1730)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux AMI host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of dbus installed on the remote host is prior to 1.6.12-14.31. It is, therefore, affected by multiple\nvulnerabilities as referenced in the ALAS-2023-1730 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/ALAS-2023-1730.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42010.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42011.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42012.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'yum update dbus' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'dbus-1.6.12-14.31.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.6.12-14.31.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.6.12-14.31.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.6.12-14.31.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.6.12-14.31.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.6.12-14.31.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-doc-1.6.12-14.31.amzn1', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.6.12-14.31.amzn1', 'cpu':'i686', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.6.12-14.31.amzn1', 'cpu':'x86_64', 'release':'ALA', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus / dbus-debuginfo / dbus-devel / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:47:05", "description": "According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-04-27T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.9.0 : dbus (EulerOS-SA-2023-1655)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-04-27T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:uvp:2.9.0"], "id": "EULEROS_SA-2023-1655.NASL", "href": "https://www.tenable.com/plugins/nessus/174843", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(174843);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/27\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS Virtualization 2.9.0 : dbus (EulerOS-SA-2023-1655)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1655\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?bd251d3d\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/04/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/04/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.9.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.9.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.9.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-common-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-daemon-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-libs-1.12.16-13.h7.eulerosv2r9\",\n \"dbus-tools-1.12.16-13.h7.eulerosv2r9\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:47:47", "description": "The remote host is affected by the vulnerability described in GLSA-202305-08 (D-Bus: Multiple Vulnerabilities)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-05-03T00:00:00", "type": "nessus", "title": "GLSA-202305-08 : D-Bus: Multiple Vulnerabilities", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-05-03T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:dbus", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-202305-08.NASL", "href": "https://www.tenable.com/plugins/nessus/175037", "sourceData": "#%NASL_MIN_LEVEL 80900\n#\n# (C) Tenable, Inc.\n#\n# @NOAGENT@\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 202305-08.\n#\n# The advisory text is Copyright (C) 2001-2021 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike\n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175037);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/03\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"GLSA-202305-08 : D-Bus: Multiple Vulnerabilities\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote host is affected by the vulnerability described in GLSA-202305-08 (D-Bus: Multiple Vulnerabilities)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://security.gentoo.org/glsa/202305-08\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugs.gentoo.org/show_bug.cgi?id=875518\");\n script_set_attribute(attribute:\"solution\", value:\n\"All D-Bus users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose >=sys-apps/dbus-1.14.4\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/03\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\ninclude('qpkg.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/Gentoo/release')) audit(AUDIT_OS_NOT, 'Gentoo');\nif (!get_kb_item('Host/Gentoo/qpkg-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar flag = 0;\n\nvar packages = [\n {\n 'name' : 'sys-apps/dbus',\n 'unaffected' : make_list(\"ge 1.14.4\"),\n 'vulnerable' : make_list(\"lt 1.14.4\")\n }\n];\n\nforeach var package( packages ) {\n if (isnull(package['unaffected'])) package['unaffected'] = make_list();\n if (isnull(package['vulnerable'])) package['vulnerable'] = make_list();\n if (qpkg_check(package: package['name'] , unaffected: package['unaffected'], vulnerable: package['vulnerable'])) flag++;\n}\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : qpkg_report_get()\n );\n exit(0);\n}\nelse\n{\n qpkg_tests = list_uniq(qpkg_tests);\n var tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'D-Bus');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:48:18", "description": "According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-05-07T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 3.0.2.0 : dbus (EulerOS-SA-2023-1718)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-05-07T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-libs", "cpe:/o:huawei:euleros:uvp:3.0.2.0"], "id": "EULEROS_SA-2023-1718.NASL", "href": "https://www.tenable.com/plugins/nessus/175195", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175195);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/07\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS Virtualization 3.0.2.0 : dbus (EulerOS-SA-2023-1718)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1718\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?a9fab6ef\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/07\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.10.24-7.h13\",\n \"dbus-libs-1.10.24-7.h13\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:46:37", "description": "According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {}, "published": "2023-05-16T00:00:00", "type": "nessus", "title": "EulerOS Virtualization 2.10.0 : dbus (EulerOS-SA-2023-1916)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-05-16T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dbus", "p-cpe:/a:huawei:euleros:dbus-libs", "p-cpe:/a:huawei:euleros:dbus-common", "p-cpe:/a:huawei:euleros:dbus-daemon", "p-cpe:/a:huawei:euleros:dbus-tools", "cpe:/o:huawei:euleros:uvp:2.10.0"], "id": "EULEROS_SA-2023-1916.NASL", "href": "https://www.tenable.com/plugins/nessus/175744", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(175744);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/16\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"EulerOS Virtualization 2.10.0 : dbus (EulerOS-SA-2023-1916)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dbus packages installed, the EulerOS Virtualization installation on the remote host is\naffected by the following vulnerabilities :\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Tenable Network Security has extracted the preceding description block directly from the EulerOS security\nadvisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional\nissues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2023-1916\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?80d987c3\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dbus packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/05/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/05/16\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:2.10.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar _release = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(_release) || _release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nvar uvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"2.10.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 2.10.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu && \"x86\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"x86\" >!< cpu) audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nvar flag = 0;\n\nvar pkgs = [\n \"dbus-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-common-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-daemon-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-libs-1.12.16-15.h5.eulerosv2r10\",\n \"dbus-tools-1.12.16-15.h5.eulerosv2r10\"\n];\n\nforeach (var pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus\");\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:40:14", "description": "The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-7a963a79d1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-23T00:00:00", "type": "nessus", "title": "Fedora 35 : 1:dbus (2022-7a963a79d1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2022-12-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:35", "p-cpe:/a:fedoraproject:fedora:dbus"], "id": "FEDORA_2022-7A963A79D1.NASL", "href": "https://www.tenable.com/plugins/nessus/169191", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2022-7a963a79d1\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169191);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/23\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"FEDORA\", value:\"2022-7a963a79d1\");\n\n script_name(english:\"Fedora 35 : 1:dbus (2022-7a963a79d1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 35 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2022-7a963a79d1 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2022-7a963a79d1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected 1:dbus package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:35\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dbus\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^35([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 35', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'dbus-1.12.24-1.fc35', 'release':'FC35', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, '1:dbus');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T16:39:38", "description": "The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-076544c8aa advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-23T00:00:00", "type": "nessus", "title": "Fedora 36 : 1:dbus (2022-076544c8aa)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2022-12-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:36", "p-cpe:/a:fedoraproject:fedora:dbus"], "id": "FEDORA_2022-076544C8AA.NASL", "href": "https://www.tenable.com/plugins/nessus/169187", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n##\n# The descriptive text and package checks in this plugin were\n# extracted from Fedora Security Advisory FEDORA-2022-076544c8aa\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(169187);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/12/23\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"FEDORA\", value:\"2022-076544c8aa\");\n\n script_name(english:\"Fedora 36 : 1:dbus (2022-076544c8aa)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Fedora host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Fedora 36 host has a package installed that is affected by multiple vulnerabilities as referenced in the\nFEDORA-2022-076544c8aa advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2022-076544c8aa\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected 1:dbus package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/10/11\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/23\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:36\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:dbus\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Fedora Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Fedora' >!< os_release) audit(AUDIT_OS_NOT, 'Fedora');\nvar os_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Fedora');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^36([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Fedora 36', 'Fedora ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Fedora', cpu);\n\nvar pkgs = [\n {'reference':'dbus-1.14.4-1.fc36', 'release':'FC36', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && _release) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, '1:dbus');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T18:41:49", "description": "The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:0335 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-01-25T00:00:00", "type": "nessus", "title": "AlmaLinux 9 : dbus (ALSA-2023:0335)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-01-25T00:00:00", "cpe": ["p-cpe:/a:alma:linux:dbus", "p-cpe:/a:alma:linux:dbus-common", "p-cpe:/a:alma:linux:dbus-daemon", "p-cpe:/a:alma:linux:dbus-devel", "p-cpe:/a:alma:linux:dbus-libs", "p-cpe:/a:alma:linux:dbus-tools", "p-cpe:/a:alma:linux:dbus-x11", "cpe:/o:alma:linux:9", "cpe:/o:alma:linux:9::appstream", "cpe:/o:alma:linux:9::baseos"], "id": "ALMA_LINUX_ALSA-2023-0335.NASL", "href": "https://www.tenable.com/plugins/nessus/170582", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# AlmaLinux Security Advisory ALSA-2023:0335.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(170582);\n script_version(\"1.0\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/01/25\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"ALSA\", value:\"2023:0335\");\n\n script_name(english:\"AlmaLinux 9 : dbus (ALSA-2023:0335)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote AlmaLinux host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the\nALSA-2023:0335 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://errata.almalinux.org/9/ALSA-2023-0335.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/01/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/01/25\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:alma:linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::appstream\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:alma:linux:9::baseos\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Alma Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AlmaLinux/release\", \"Host/AlmaLinux/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/AlmaLinux/release');\nif (isnull(os_release) || 'AlmaLinux' >!< os_release) audit(AUDIT_OS_NOT, 'AlmaLinux');\nvar os_ver = pregmatch(pattern: \"AlmaLinux release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'AlmaLinux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'AlmaLinux 9.x', 'AlmaLinux ' + os_ver);\n\nif (!get_kb_item('Host/AlmaLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'AlmaLinux', cpu);\n\nvar pkgs = [\n {'reference':'dbus-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-common-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-daemon-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-devel-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-libs-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-tools-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'dbus-x11-1.12.20-7.el9_1', 'release':'9', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = 'Alma-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dbus / dbus-common / dbus-daemon / dbus-devel / dbus-libs / dbus-tools / etc');\n}\n", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-17T17:42:40", "description": "It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-100 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2023-03-21T00:00:00", "type": "nessus", "title": "Amazon Linux 2023 : dbus, dbus-common, dbus-daemon (ALAS2023-2023-100)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-04-21T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:dbus", "p-cpe:/a:amazon:linux:dbus-common", "p-cpe:/a:amazon:linux:dbus-daemon", "p-cpe:/a:amazon:linux:dbus-daemon-debuginfo", "p-cpe:/a:amazon:linux:dbus-debuginfo", "p-cpe:/a:amazon:linux:dbus-debugsource", "p-cpe:/a:amazon:linux:dbus-devel", "p-cpe:/a:amazon:linux:dbus-doc", "p-cpe:/a:amazon:linux:dbus-libs", "p-cpe:/a:amazon:linux:dbus-libs-debuginfo", "p-cpe:/a:amazon:linux:dbus-tests", "p-cpe:/a:amazon:linux:dbus-tests-debuginfo", "p-cpe:/a:amazon:linux:dbus-tools", "p-cpe:/a:amazon:linux:dbus-tools-debuginfo", "p-cpe:/a:amazon:linux:dbus-x11", "p-cpe:/a:amazon:linux:dbus-x11-debuginfo", "cpe:/o:amazon:linux:2023"], "id": "AL2023_ALAS2023-2023-100.NASL", "href": "https://www.tenable.com/plugins/nessus/173065", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux 2023 Security Advisory ALAS2023-2023-100.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(173065);\n script_version(\"1.1\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/04/21\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n\n script_name(english:\"Amazon Linux 2023 : dbus, dbus-common, dbus-daemon (ALAS2023-2023-100)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Amazon Linux 2023 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-100 advisory.\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message with certain invalid type signatures. (CVE-2022-42010)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash when\n receiving a message where an array length is inconsistent with the size of the element type.\n (CVE-2022-42011)\n\n - An issue was discovered in D-Bus before 1.12.24, 1.13.x and 1.14.x before 1.14.4, and 1.15.x before\n 1.15.2. An authenticated attacker can cause dbus-daemon and other programs that use libdbus to crash by\n sending a message with attached file descriptors in an unexpected format. (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/AL2023/ALAS-2023-100.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42010.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42011.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/cve/html/CVE-2022-42012.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://alas.aws.amazon.com/faqs.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Run 'dnf update dbus --releasever=2023.0.20230222 ' to update your system.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:P/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2023/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2023/03/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-daemon-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-libs-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tests-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-x11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:dbus-x11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux:2023\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nvar alas_release = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(alas_release) || !strlen(alas_release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nvar os_ver = pregmatch(pattern: \"^AL(A|\\d+|-\\d+)\", string:alas_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"-2023\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux 2023\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar pkgs = [\n {'reference':'dbus-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-common-1.12.24-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-daemon-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debugsource-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debugsource-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-debugsource-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-devel-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-doc-1.12.24-1.amzn2023.0.2', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-libs-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tests-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-tools-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'aarch64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'i686', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'dbus-x11-debuginfo-1.12.24-1.amzn2023.0.2', 'cpu':'x86_64', 'release':'AL-2023', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach var package_array ( pkgs ) {\n var reference = NULL;\n var _release = NULL;\n var sp = NULL;\n var _cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) _release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {\n if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dbus / dbus-common / dbus-daemon / etc\");\n}", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2023-05-25T20:35:55", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8812 advisory.\n\n - dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets (CVE-2022-42010)\n\n - dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type (CVE-2022-42011)\n\n - dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with foreign endianness correctly (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {}, "published": "2022-12-06T00:00:00", "type": "nessus", "title": "RHEL 8 : dbus (RHSA-2022:8812)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2022-42010", "CVE-2022-42011", "CVE-2022-42012"], "modified": "2023-05-25T00:00:00", "cpe": ["cpe:/o:redhat:rhel_aus:8.6", "cpe:/o:redhat:rhel_e4s:8.6", "cpe:/o:redhat:rhel_eus:8.6", "cpe:/o:redhat:rhel_tus:8.6", "p-cpe:/a:redhat:enterprise_linux:dbus", "p-cpe:/a:redhat:enterprise_linux:dbus-common", "p-cpe:/a:redhat:enterprise_linux:dbus-daemon", "p-cpe:/a:redhat:enterprise_linux:dbus-devel", "p-cpe:/a:redhat:enterprise_linux:dbus-libs", "p-cpe:/a:redhat:enterprise_linux:dbus-tools", "p-cpe:/a:redhat:enterprise_linux:dbus-x11"], "id": "REDHAT-RHSA-2022-8812.NASL", "href": "https://www.tenable.com/plugins/nessus/168412", "sourceData": "#%NASL_MIN_LEVEL 80900\n##\n# (C) Tenable, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2022:8812. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(168412);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2023/05/25\");\n\n script_cve_id(\"CVE-2022-42010\", \"CVE-2022-42011\", \"CVE-2022-42012\");\n script_xref(name:\"RHSA\", value:\"2022:8812\");\n\n script_name(english:\"RHEL 8 : dbus (RHSA-2022:8812)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2022:8812 advisory.\n\n - dbus: dbus-daemon crashes when receiving message with incorrectly nested parentheses and curly brackets\n (CVE-2022-42010)\n\n - dbus: dbus-daemon can be crashed by messages with array length inconsistent with element type\n (CVE-2022-42011)\n\n - dbus: `_dbus_marshal_byteswap` doesn't process fds in messages with foreign endianness correctly\n (CVE-2022-42012)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-42010\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-42011\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2022-42012\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2022:8812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2133616\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2133617\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/2133618\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2022-42012\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2022/10/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/12/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/12/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.6\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus-daemon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus-libs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dbus-x11\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022-2023 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar os_release = get_kb_item('Host/RedHat/release');\nif (isnull(os_release) || 'Red Hat' >!< os_release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:os_release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (!rhel_check_release(operator: 'eq', os_version: os_ver, rhel_version: '8.6')) audit(AUDIT_OS_NOT, 'Red Hat 8.6', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu